fbpx
our committment

Privacy Policy • Terms of Service

Dunforce is committed to providing the best possible service and ensuring full data protection. Our quality and GDPR charter is at the heart of our approach.

Privacy Policy

What to we do when you visit our website

What we collect?
This privacy policy sets out how we, at Dunforce, use and protect any information that you give when you use this website. Please note that our application has a different privacy policy that our clients are signed directly with the company.

We are committed to ensuring that your privacy is fully protected. We fully respect the wonderful GDPR and the CalOPPA. Should we ask you to provide certain information by which you can be identified – ‘Personally Identifiable Information’ (PII) – when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

Dunforce may change this policy by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

We may collect the following information:
– name, company and job title,
– contact information like email address and phone number,
– other information relevant to customer surveys and/or offers.

What we do with the information we gather?
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:

Internal record keeping,
We may use the information to improve our products and services,
We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided,
From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone or mail. We may use the information to customise the website according to your interests.
Of course, you will be able to unsubscribe by using the link at the bottom of each email we may send or directly by sending us an email to support@dunforce.io

Controlling your personal information
You may choose to restrict the collection or use of your personal information in the following ways:

whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes
if you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at support@dunforce.io
We will not sell, distribute or lease your personal information to third parties.

You may request details of personal information which we hold about you. A small fee will be payable. If you would like a copy of the information held on you please write to support@dunforce.io.

If you believe that any information we are holding on you is incorrect or incomplete, please write us an email as soon as possible, at the above address. We will promptly correct any information found to be incorrect.

It’s also important to note that we do not allow third-party behavioral tracking.

We do not specifically market to children under the age of 13 years old (Children Online Privacy Protection Act)

How we protect your information?
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Our website and our application are scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We do not use Malware Scanning.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.

How we use cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. We may also use trusted third-party services like Google Analytics that track this information on our behalf.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website.

Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Contacting Us
If there are any questions regarding this privacy policy, you may contact us using the information below.

DUNFORCE
5 Allées de Tourny, Bordeaux, 33000, France
contact@dunforce.io • +33 9 723 723 70

Terms of Service

Using our solution implies responsabilities on both sides

Definition
This contract establishes the terms of collaboration between the following parties:
• Dunforce SAS located at 5 Allées de Tourny, 33000 Bordeaux, France, publisher of the Dunforce service , hereinafter referred to as Dunforce,
• The company using the service, hereinafter referred to as the Customer.
Individually referred to as “Party” and together referred to as “Parties”,

• “Solutions” means the operational functions made available to the Customer as part of the Application Services subject of the contract;
• “Software” means the software provided by Dunforce to the Customer and which provides in particular the associated Solutions;
• “SaaS” means Software as a Service, designating the fact that the software is hosted on remote servers, accessible by the Customer via the Internet and that it does not require any installation or update by the Customer;
• “Application Service” means the service offered in SaaS mode by Dunforce, allowing the use of the Solutions by the Customer;
• “API” means Application Programming Interface and is a standardized set of classes, methods, or functions that allows access to Dunforce services through other software;
• “Data” means the information, publications and, in general, the data of the Customer database whose use is the subject of this contract, which can only be consulted by the Users;
• “Identifiers” designate both the user’s own identifier (“login”) and the login password (“password”), communicated after registration to the service;
• “Internet” refers to the set of interconnected networks, which are located in all regions of the world;
• “User” means the person placed under the responsibility of the Customer (agent, employee, representative, etc.) and having access to the Application Services on his computer under the license of use contracted by the Customer;
• “Quotation” means the commercial proposal issued by Dunforce for the Customer, describing the outline of the service and the associated rates and accepted by the Customer. This quote can result from a specific proposal or a simple acceptance of the rates available on the site and accepted via an electronic signature at registration.

Purpose
Dunforce is a hosted software that simplifies and speeds up invoice processing. As such, it collects information on customer and supplier invoices in order to facilitate their follow-up and collaboration between the parties concerned by their management (contacts, payment statements, statement of reminders …). The software implements an automated system of adapted multichannel reminders. And it offers a complete payment platform, to accelerate collections. Dunforce is a fully configurable SaaS solution to suit the specific needs of the Customer and allow him to have a recovery that respects his customer relationship.
The Customer uses the Service for this purpose of managing his invoices. It wants to optimize its entire process of processing and recovery to reduce the resources involved, facilitate supervision and manage the follow-up.
Dunforce consents to the Customer, who accepts:
• a right of access to Dunforce’s servers under the conditions defined below;
• an end-use right of the Solutions;
• a set of services defined below, including data hosting, maintenance of the Application Services, technical assistance.
Duration
The Contract will take effect from the date of signature of the acceptance of the Quotation. Its duration is fixed by the Quotation and is tacitly renewable for the same duration. In the absence of a term in the Quote, the initial period will be 12 months.
The Customer may terminate up to 1 month prior to the deadline by a simple writing (email to resiliation@dunforce.io or mail to the Dunforce mailing address).
Dunforce may at any time terminate this contract for default or default by the Client to the obligations of this contract. This contract will be terminated ipso jure 15 days after the sending of an email to the signatory of the Quotation.
Dunforce may be required to modify this Agreement, particularly as a function of new services. The new version will be served on the Client in writing, mail or mail. The Customer will be free not to accept the new terms and accept the resolution of this Agreement.
Service
Dunforce makes available to the Customer the Software that delivers a set of Solutions available in SaaS or access via its API. Features are described in the Software documentation, available online at any time or by simple request to contact@dunforce.com. Depending on the options chosen by the Customer, these functionalities are made available to the Customer for his use. Dunforce periodically sets the version level of the solutions made available. The services evolve according to a development plan fixed by Dunforce and which the Customer will have access according to the selected options.
Dunforce provides Hosting Data, Maintenance and Security Solutions.
Dunforce safeguards the data in a manner consistent with the service provided by a leading, internationally recognized data center with European security and compliance certificates.
Specific developments are the subject of a Quotation.
For a number of specific services, Dunforce integrates third-party solutions previously selected and validated for quality and reliability.
In fact, the General Conditions of Services of these partners will be applicable on the service concerned and notified to the Customer if their use is retained in the version used by the Customer.
These include the following services:
● mailing (simple mail, registered mail),
● SMS and automatic calls,
● payment platform,
● electronic archiving,
● legal procedures,
● sending via EDI.

The Customer may also choose its own third-party solutions to integrate into the Dunforce solution. In this context, the Customer will provide Dunforce with a validated version of this service provider’s terms and conditions.

The Customer will use this right of access alone. It will be able to connect at any time 24/7 and possibly with assistance of the technical teams of Dunforce during the working hours.
Access is made from the Clients’ computers and mobiles using the Identifiers provided to the Customer. The Customer’s identification when accessing the Application Services is done by means of an ID assigned to each User by Dunforce, and a password communicated to the Customer by Dunforce.The Customer will use the Identifiers that will have been communicated to him during each connection to the Application Services.
The Identifiers are intended to reserve the access of the Solutions under the Contract to the Customer’s Users, to protect the integrity and availability of the Solutions, as well as the integrity, availability and confidentiality of the Customer Data as transmitted by the Customers. users. The identifiers are personal and confidential. They can only be changed at the request of the Customer or at the initiative of Dunforce subject to informing the Customer in advance. The Customer undertakes to make every effort to keep the Identifiers relating to it secret and not to disclose it in any form whatsoever. The Customer is fully responsible for the use of the Identifiers and is responsible for the custody of the access codes given to him. It will ensure that no other person not authorized by Dunforce has access to the Application Services and Solutions. In general, the Customer assumes responsibility for the security of the individual Access Points to the Solutions. In the event that he becomes aware of what another person is accessing, the Client will inform Dunforce without delay. In case of loss or theft of one of the identifiers, the Customer will use the procedure implemented by Dunforce allowing him to recover his identifiers.

Dunforce grants the Customer a personal, non-exclusive, non-transferable, non-transferable right to use the Solutions for the duration of the Agreement and for the entire world.
The Customer may only use the Application Services and Solutions in accordance with his needs and documentation. In particular, the license relating to the Solutions is granted only for the sole purpose of enabling the Customer to use the Services, to the exclusion of any other purpose.
The right of use means the right to represent and implement the Application Services in accordance with their intended purpose, in SaaS mode via a connection to an electronic communications network. The Customer may not under any circumstances make the Solutions available to a third party, and strictly prohibits any other use, in particular any adaptation, modification, translation, arrangement, distribution, decompilation, without this list being limiting.

Dunforce supports the maintenance and evolution of the Services. A telephone support service to handle anomalies is available on business days (details available on the dunforce.com website depending on the country). The anomaly reports can be confirmed by email to Dunforce without delay.
Dunforce proceeds to the diagnosis of the anomaly and then implements its correction.
Dunforce is working to correct the discrepancy, and is proposing a workaround that may allow the use of the features in question within 7 business days.
Dunforce is not responsible for maintenance in the following cases:
– Customer’s refusal to cooperate with Dunforce in resolving discrepancies including responding to inquiries and inquiries;
– use of the Application Services in a manner inconsistent with their destination or documentation;
– unauthorized modification of the Solutions by the Customer or a third party;
– failure of the Client to fulfill his obligations under the Contract;
– implementation of any software package, software or operating system that is not compatible with Application Services;
– failure of electronic communication networks;
– voluntary act of degradation, malevolence, sabotage;
– deterioration due to unforeseeable circumstances or misuse of Application Services.
Dunforce is committed to providing updated documentation of new versions of Solutions.
The corrections and changes of the Application Services are expressly subject to the Contract.
Interventions for this service may render the service temporarily unavailable. They are made after a period of notice and only outside days and hours worked.
Dunforce warrants that Software upgrades and new releases will not result in any regression of the Application Services in terms of performance and functionality.
Depending on the subscription formulas chosen, assistance is provided corresponding to an accompaniment of Users in relation to the use of the Solutions.
The technical support service applies to all Solutions provided by Dunforce and consists of assisting Users by telephone or remote maintenance.
It will be answered by the Customer, by the support service available by phone, email or chat (contact details available on the dunforce.com website).

TRAINING
At the Client’s request, Dunforce may provide training services according to conditions to be defined by mutual agreement. Dunforce will submit a Training Delivery Proposal if its Service Application Support and Application Service Corrective Maintenance Statements reveal recurring Customer Service issues that are not covered by any discrepancies.

DATA PROCESSING
Client company data is stored on Dunforce servers providing the solution.
If the Data transmitted for the use of the Application Services includes personal data, the Customer guarantees Dunforce against any recourse, complaint or claim from a natural person whose personal data are reproduced and hosted via the Application Service. Dunforce undertakes to inform the Customer of the location of the Data and, more generally, to communicate all the information that is useful and necessary to make the declarations.
The Customer assumes the possible editorial responsibility for the use of the Application Services.
The Customer is solely responsible for the quality, lawfulness and relevance of the Data and Content it transmits for the use of the Application Services. It further guarantees to be the owner of the intellectual property rights allowing it to use the Data and contents. Consequently, Dunforce disclaims any liability in the event of non-compliance of the Data and / or the contents with the laws and regulations, with the public order or with the needs of the Customer. The Customer warrants Dunforce at first request against any damage that would result from his being blamed by a third party for a breach of this warranty.
More generally, the Customer is solely responsible for the content and messages broadcast and / or downloaded via the Application Services. The Customer remains the sole owner of the Data constituting the content of the Solutions.

DATA SECURITY : With regard to personal data, the customer is considered responsible for processing under the Data Protection Act.
Subject to the “Accountability” Article, Dunforce undertakes to maintain the integrity and confidentiality of the Data contained in the Solutions. Dunforce will implement technical and organizational measures to prevent any fraudulent access or use of the Data and to prevent any loss, alteration or destruction of the Data.

Conditions
FINANCIAL CONDITIONS
The financial conditions are set out in the Quotation.
The fees of the Services are indicated in the currency desired by the Customer and are exclusive of tax. The billing address is the address of the Customer’s head office.

Are excluded from the fee and give rise to separate invoicing the following services:
– specific developments,
– training services,
– technical assistance services,
– and more generally all services not included in the SaaS offer.
Notwithstanding the duration of the commitment, the Services are invoiced monthly and are charged by Sepa or bank card.

Without prejudice to any damages and interest, the failure of the Customer to pay an invoice when due automatically entails:
– the application of a late interest interest equal to three times the legal interest rate, the lump sum of € 40, without prior notice and from the first day of delay;
– additional banking and management fees (monitoring of recovery, letters and telephone charges, representation of bank levies);
– the immediate suspension of the Services;
– the possible cancellation and of right of the Contract within 15 days days after the sending by Dunforce of a formal notice by registered letter with acknowledgment of receipt remained unsuccessful.

PROPRIETARY RIGHTS
The Customer is and remains the owner of all the Data that it uses via the Application Services within the framework of the Contract.
Dunforce is and remains the owner of the property rights relating to any element of the Application Services and Solutions made available to the Customer and implemented or developed within the framework of the Contract.
The Agreement does not confer any rights of ownership on the Solutions. The temporary provision of the Solutions under the terms of the Agreement can not be considered as the transfer of any intellectual property right to the benefit of the Customer, within the meaning of the French Code of Intellectual Property.
The Customer is prohibited from reproducing any element of the Software, or any documentation concerning them, by any means whatsoever, in any form whatsoever and on any medium whatsoever.

RESPONSIBILITY – UNFORESEEABLE CIRCUMSTANCES
Each of the Parties assumes responsibility for the consequences resulting from its mistakes, errors or omissions, as well as any errors, errors or omissions of its potential subcontractors and causing direct damage to the other Party.

For indirect damages:
In addition, and in the event of proven fault by the Customer, Dunforce will only be liable for compensation for the pecuniary consequences of the direct and foreseeable damages resulting from the performance of the Services. Accordingly, Dunforce shall under no circumstances incur liability for indirect or unforeseeable loss or damage to the Customer or third parties, including any lost profits, lost, inaccurate or corrupted files or Data, commercial loss, loss revenue or profit, loss of customer base, loss of opportunity, cost of obtaining a product, service or technology of substitution, in relation to or resulting from non-performance or loss of faulty performance of services.

For the ceiling of direct damages
In any case, Dunforce’s liability is strictly limited to reimbursement of the amount of the sums actually paid by the Client on the date of occurrence of the chargeable event, per user item, per day of interruption on the average of consumption. Dunforce can not, moreover, be held responsible for the accidental destruction of the Data by the Customer or a third party having accessed the Application Services by means of the Identifiers given to the Customer.

UNFORESEEABLE CIRCUMSTANCES
Neither Party may be held liable for any breach of its obligations under the Contract, if such breach results from: a governmental decision, including any withdrawal or suspension of any authorizations , a total or partial strike, internal or external to the company, a fire, a natural disaster, a state of war of total or partial interruption or blockage of telecommunications networks or electrical, act of hacking or more generally any other event of unforeseeable circumstances having the characteristics defined by the case law.
The Party observing the event shall promptly inform the other party of its inability to perform the service.
The suspension of the obligations or the delay can not in no case be a cause of responsibility for non-fulfilment of the obligation in question, nor to induce the payment of damages and interests or penalties of delay.

REVERSIBILITY
In case of termination of the contractual relationship, whatever the cause, Dunforce undertakes to return at the first request of the latter made by registered letter with acknowledgment of receipt and in a
30 days from the date of receipt of this request, all data belonging to it in a standard format easily readable in an equivalent environment.
Customer will actively work with Dunforce to facilitate data recovery.
Dunforce will ensure that the Customer can continue to operate the Data, without interruption, directly or with the assistance of another provider.
At the request of the Client, Dunforce may perform additional technical assistance services to the Customer and / or the third party designated by him, as part of the reversibility.
These support services will be billed at the Dunforce rate in effect at the time of notification of reversibility.

CONFIDENTIALITY
This article completes the article “Data Processing”.
Each Party undertakes to (i) keep confidential any information it receives from the other Party, including (ii) not disclosing the other Party’s confidential information to any third party, other than employees or agents who need to know them; and (iii) use the confidential information of the other Party only for the purpose of exercising its rights and fulfilling its obligations under the Agreement.
Notwithstanding the foregoing, neither Party shall have any obligation with respect to information that (i) would have fallen or fall into the public domain regardless of fault by the Receiving Party, (ii) would be developed by the Party receiving them, (iii) would be known to the Party receiving them before the other Party discloses them, (iv) would be legitimately received from a third party not subject to an obligation of confidentiality, or ( (v) should be disclosed by law or by order of a court (in which case they should be disclosed only to the extent required and after notifying the Party providing such notice in writing).
The obligations of the Parties with respect to the Confidential Information shall remain in effect for the duration of the Agreement and as long after its termination, that the information concerned shall remain confidential for each Party shall return all copies of the documents and media containing confidential information of the other Party, at the end of the Contract, regardless of the cause. The Parties further undertake to enforce these provisions by their staff, and by any agent or third party who may be involved in any capacity whatsoever in the context of the Contract.

OTHER
The absence of binding force or the unenforceability of any of the stipulations of the Contract does not entail nullity, the nullity, the absence of binding force or the unenforceability of the other stipulations, which will retain all their effects. However, the Parties may, by mutual agreement, agree to replace the invalidated stipulation (s).
Applicable law: The Contract is subject to French law, to the exclusion of any other legislation.
Election of domicile: For the execution of these presents as well as their consequences, the Parties elect domicile in France

Service Level Agreement

Our commitment to your satisfaction

Definition
Dunforce undertakes to provide the Customer with a quality service by respecting the following points of the Quality Charter.

Availability of the Software Solution (SaaS and API)
Dunforce will implement effective controls to provide reasonable assurance that Customer may access and use the Software Solution under the conditions set forth below.

Anomaly
Refers to the typology of the dysfunctions relating to the Services, according to the three levels of severity as defined below.

Unavailability
Period of partial or total inaccessibility of the Software Solution

NHDM
Refers to the theoretical number of hours available per month. For example for a month of 30 days: NHDM = 30 * 24 = 720 hours.

NHIM
Refers to the number of hours in the month that the Software Solution is unavailable due to a Severity 1 or 2 incident (calculated in 10-minute full-time availability bands).

The hours between 11:00 pm and 8:00 am are weighted 50%. For example for a downtime between 07:00 and 10:00 am: NHIM = 1 * 50% + 2 = 2 hours thirty minutes. It being specified that the unavailability time due to the updates and the maintenance enters into account in the calculation of the NHIM.

Severity level 1
Refers to a Critical Anomaly that prevents the Client or End User from using their application. The service is unavailable.

Severity level 2
Designates a serious Anomaly with a significant impact on the activity but without preventing the Client or the End User from using his application. Service is partially interrupted or severely and the Customer or End User may not use the services at the rated performance level set.

Severity level 3
Refers to a Minor Anomaly that does not seriously affect the services or availability of the network or the functionality used in the Customer’s or End User’s business and is not considered to be unavailable.

Committment
Availability commitment
Dunforce is committed to making the Software Solution available with a 98.5% uptime rate during its usage period, with only Level 1 and 2 Severity Anomalies leading to downtime. During the implementation period prior to final delivery, this availability rate does not apply.
This Availability Rate does not include (i) the time that the Software Solution suffers a Level 3 Severity Anomaly, and (ii) the Update and Maintenance time from 1am to 6am anytime what monthly billing cycle. Dunforce undertakes to inform the Customer 48 hours before these maintenance interventions.
The commitment of availability does not apply to the following cases:

● Unavailability caused by unforeseeable circumstances, including problems with Internet access;
● Unavailability resulting directly from any action or inaction of the Customer, its Affiliates or any third party (excluding Dunforce’s subcontractors);
● Unavailability resulting from Customer’s equipment, software or other technology, and / or any third-party equipment, software or other technology (other than equipment under the direct control of Dunforce and its subcontractors);
● Unavailability caused by a planned upgrade or corrective maintenance facility notified to the Customer fifteen (15) days in advance and implemented under the aforementioned conditions;
● Unavailability caused by any modification made by the Customer on Dunforce IT Services without his authorization;
● Unavailability caused by the use of the Software Solution and / or non-compliant or non-compliant computer software and / or hardware with the technical prerequisites that Dunforce has kept the Customer informed.

Calculation of the availability rate
The actual availability rate of the Software Solution is calculated monthly using the formula below: (NHDM – NHIM) / NHDM; by availability.

Recovery Commitment
Severity
Recovery Time (TR)
Level 1: 6 business hours *
Level 2: 1 working day
* between 06:00 and 22:00, after opening an incident ticket at support@dunforce.io

These durations are deductibles for the benefit of Dunforce. If the Software Solutions remain unavailable beyond the Recovery Time provided above, only the additional recovery times will be taken into account in the calculation of the availability commitment as defined in 1) and 2) above.

Performance / response time of the Dunforce API
Dunforce warrants to the Customer a specific performance of the API according to the following framework:
The maximum response time for all Dunforce API endpoints is 15 seconds.

The time required to upload invoice invoices to Dunforce during the creation of the “Pay Request” is not taken into account within the 15 seconds mentioned above.

The above-mentioned values ​​apply to a limit of a maximum of 100 queries per minute on the various endpoints of Dunforce API.

Penalties
Penalties for Unavailability of Software Solution caused by level of severity of anomalies 1 and 2
Penalties are applied by availability rate tranches, depending on the type of anomaly. They are calculated on the basis of a percentage of monthly fee (RM) relating to the period. The penalties will cover the month downtime have been identified and will be deducted from the monthly amounts due or duty under the following conditions:
Rate of availability
Severity level anomalies 1 and 2. Penalties % RM
97.5% <98.5%
5%
97% <97.5%
10%
95% <97%
20%
90% <95%
40%
85% <90%
70%
<85%
100%

Penalties for Severity Level 3 Abnormalities
Dunforce agrees to meet the level of severity of abnormalities 3 within three (3) business days from the declaration of the Client in the incident management tool. In case of repeated excesses of that period over a period of thirty (30) days slippery, a penalty of € 12.50 (twelve euros and fifty cents) per anomaly will be due by Dunforce.

Limiting penalties
Responsibility Dunforce in the payment of the above defined penalties is limited to the amount of the monthly subscription to the service.
This limitation applies to the total penalties paid by Dunforce a quarter in the non-compliance with its commitment to manage anomalies Severity 1, 2 or 3.

Third party services
Hosting
The Data of the Customer and its users will be stored and operated on the servers of Amazon Web Services, Inc., headquartered at 410 Terry Ave North, Seattle, WA 98109-5210, USA. It is stated that our European client’s data is stored in the European legal protection area and is part of the RGPD data protection policy.
Dunforce agrees to notify the Customer by mail or email in case of change of host in the conditions provided for in the Agreement..

Processing Integrity
Processing integrity extends to any component of the system and to all phases of processing (data entry, transmission, processing, storage, and output). Dunforce is committed to putting in place effective controls for treatment consistency, detection and management of Anomalies.

Data Security
Dunforce is committed to securing the access and use of the Software Solution by taking into account the protocols in accordance with usage, including secure and encrypted access.
Dunforce benefits from AWS commitments with various compliance programs detailed: https://aws.amazon.com/compliance/pci-data-privacy-protection-hipaa-soc-fedramp-faqs/

Third Party Services
In accordance with the transparency and traceability commitments, Dunforce informs that it uses different service providers as part of the service management.

Mailing
Shipments are provided by postal institutions in each country. For printing, mailing and postal deposit, the service is provided by Maileva, PostGreen or Cortex according to the principle of financial optimization.
SMS & Automatic calls
Sending SMS and automatic calls are provided by Callr.

Payments
Payment services are provided by our service provider Stripe, LemonWay or BNP Cash Management, depending on the services.
EDI
Invoice shipments via EDI are handled by our partner Qweeby.
Legal procedures
We ensure the litigation process in collaboration with various European partners. The Client will be informed in advance of the choice of provider and may choose the one that suits him.

Focus on GDPR

Protecting your data is at our core value

Definition
I. Precision
The purpose of these clauses is to define the conditions under which DUNFORCE commits, to perform on behalf of the CUSTOMER the data processing operations defined below. In the context of their contractual relations, the parties commit to comply with the regulations in place applicable to the processing of personal data and, in particular, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 , applicable from May 25, 2018.

II. Description of the treatment being subcontracted
DUNFORCE is authorized to process on behalf of the COSTUMER the personal data necessary to provide the COSTUMER’S debt recovery services.
• The nature of the operations performed on the data is their storage and analysis.
• The purposes of the treatment is the intelligent association to the dunning plans (sending sms, emails, letters, calls).
• The personal data processed is the contact details (phone, email, function in the company …).
• The categories of people concerned are the COSTUMER’s customers, who can be associated with companies or directly with individuals.

For the execution of the service object of this contract, the CUSTOMER makes available to DUNFORCE the information necessary for their treatment.

Our obligations
DUNFORCE is committed to:
1. Treating the data only for the one or more purpose(s) that are the object of the service

2. Processing the data in accordance with the documented instructions of the CUSTOMER annexed to this contract. If DUNFORCE considers that an intrusion constitutes a violation of the European Data Protection Regulation or any other provision of EU law or data protection law of the Member States, it shall immediately inform the CUSTOMER. In addition, if DUNFORCE is required to transfer data to a third party country or to an international organization, under Union law or the law of the Member State to which it is subject, it must inform the responsible for the processing of this legal obligation prior to processing, unless the law concerned prohibits such information for important reasons of public interest

3. Guarantee the confidentiality of the personal data processed under this contract

4. Ensuring that the persons authorized to process the personal data under this contract:
a. Commit to respect confidentiality or are subject to an appropriate legal obligation of confidentiality
b. Receive the necessary training on the protection of personal data

5. Taking into account, in terms of tools, products, applications or services, the principles of data protection from the design stage and the protection of data by default

6. Subcontracting: DUNFORCE may use a subcontractor (hereinafter “the subcontractor”) to conduct specific processing activities. In this case, it informs the CUSTOMER beforehand in writing of any proposed change concerning the addition or replacement of other subcontractors. This information must clearly indicate the outsourced processing activities, the subcontractor’s identity and contact information, and the dates of the subcontract. The COSTUMER has a minimum period of 30 days from the date of receipt of this information to present his objections. This subcontracting can only be carried out if the CUSTOMER has not raised an objection during the agreed period. The subcontractor is obliged to respect the obligations of the present contract for the account and according to the instructions of the COSTUMER. It is the responsibility of DUNFORCE to ensure that the subcontractor provides the same sufficient guarantees for the implementation of appropriate technical and organizational measures to ensure that the processing meets the requirements of the European Data Protection Regulation. If the subcontractor fails to fulfil its data protection obligations, DUNFORCE remains fully liable to the CUSTOMER for the respect by the subcontractor of its obligations.

7. Right of information of data subjects: It is the CUSTOMER’s responsibility to provide information to the persons concerned by the processing operations at the time of data collection.

8. Exercise of the rights of individuals: Whenever possible, DUNFORCE shall assist the CUSTOMER in fulfilling his obligation to respond to requests for the exercise of the rights of data subjects: right of access, rectification, erasure and opposition, right to limitation of processing, right to portability of data, right not to be the subject of an individual automated decision (including profiling).
When data subjects apply decide to exercise their rights, DUNFORCE must send these requests as soon as they are received by e-mail to the a contact within the COSTUMER.

9. Notification of personal data breaches: DUNFORCE notifies the CUSTOMER of any personal data breaches within 24 hours of becoming aware of them and by email. This notification shall be accompanied by all relevant documentation in order to enable the CUSTOMER, if necessary, to notify this breach to the competent supervisory authority.
After agreement of the CUSTOMER, DUNFORCE notifies the competent supervisory authority (the CNIL), in the name and on behalf of the CUSTOMER, the personal data breaches as soon as possible and, if possible, 72 hours at the latest after having read it, unless the violation in question is not likely to create a risk for the rights and freedoms of natural persons. The notification shall contain at least:
● The description of the nature of the personal data breach including, if possible, the categories and the approximate number of persons concerned by the breach and the categories and the approximate number of personal data records concerned;
● The name and contact details of the data protection officer or other point of contact from whom additional information can be obtained;
● The description of the likely consequences of the personal data breach;
● A description of the measures taken or proposed by the controller to remedy the breach of personal data, including, when appropriate, measures to mitigate any negative consequences.
If, and to the extent that it is not possible to provide all this information at the same time, the information may be communicated in a staggered manner without undue delay.
After agreement of the COSTUMER, DUNFORCE communicates, in the name and on behalf of the CUSTOMER, the personal data breach to the data subject as soon as possible, when this violation is likely to create a high risk for the rights and freedoms of a physical person.
The communication to the data subject describes, in clear and simple terms, the nature of the personal data breach and contains at least:
● The description of the nature of the personal data breach including, if possible, the categories and the approximate number of persons concerned by the breach and the categories and the approximate number of personal data records concerned;
● The name and contact details of the data protection officer or other point of contact from whom additional information can be obtained;
● The description of the likely consequences of the personal data breach;
● A description of the measures taken or proposed by the controller to remedy the breach of personal data, including, when appropriate, measures to mitigate any negative consequences.

10. Subcontractor’s assistance as part of the CUSTOMER’s compliance with his obligations
DUNFORCE assists the CUSTOMER in carrying out data protection impact assessments.
DUNFORCE assists the CUSTOMER in carrying out the prior consultation of the supervisory authority.

11. Security measures
DUNFORCE is committed to implementing the following security measures:
● Pseudonymisation and encryption of personal data
● Means to ensure the confidentiality, integrity, availability and resilience of treatment systems and services;
● The means to restore the availability of personal data and access to it in good time in the event of a physical or technical incident;
● A procedure to test, analyze and evaluate regularly the effectiveness of technical and organizational measures to ensure the safety of treatment

12. Data fate
Upon completion of the provision of services related to the processing of such data, DUNFORCE engages itself to: destroy all personal data.
Once destroyed, DUNFORCE must justify in writing the destruction.

13. Data Protection Officer
DUNFORCE informs the CUSTOMER of the name and contact details of his data protection officer, if he has designated one in accordance with Article 37 of the European Data Protection Regulation

14. Registry of categories of treatment activities
DUNFORCE declares to keep in writing a register of all categories of processing activities performed on behalf of the CUSTOMER including:
● The name and contact details of the COSTUMER on whose behalf he is acting, any subcontractors and, when applicable, the data protection officer;
● The categories of treatment carried out on behalf of the controller;
● When appropriate, transfers of personal data to a third party country or to an international organization, including the identification of that third party country or international organization and, in the case of transfers referred to in Article 49 (1), 1, second paragraph of the European Data Protection Regulation, documents proving the existence of appropriate safeguards;
● To a possible extent, a general description of the technical and organizational security measures, including, as appropriate:
Pseudonymisation and encryption of personal data;
Means to ensure the ongoing confidentiality, integrity, availability and resilience of treatment systems and services;
Means to restore the availability of and access to personal data in good time in the event of a physical or technical incident;
A procedure to test, analyze and regularly evaluate the effectiveness of technical and organizational measures to ensure the safety of treatment.

15. Documentation
DUNFORCE provides the CUSTOMER with the necessary documentation to demonstrate compliance with all its obligations and to allow audits, including inspections, to be carried out by the controller or other auditor he or she has mandated, and to contribute to these audits.

Your agreement
The CUSTOMER agrees to:
1. Provide to the subcontractor the data referred in these clauses
2. Document in writing any instructions regarding data processing by DUNFORCE
3. Ensure, in advance and throughout the duration of processing, compliance with the obligations of the European Data Protection Regulation by the subcontractor
4. Supervise the processing, including conducting audits and inspections with the subcontractor
Pourquoi Dunforce ? Pour favoriser la confiance, l’élément clé de l’économie. Les entreprises conçoivent, produisent, vendent, et attendent d’être payé. Elles prêtent plus d’argent à leurs clients que les banques ! Et avec près de 50 % des factures payées en retard, c’est une source de défiance pour toutes les entreprises. Avec sa solution, Dunforce restaure ce lien fondamental de confiance.
ADRESSE

5 Allées de Tourny
33000 Bordeaux, France
Tél: +33 9 723 723 70

CHOISIR VOTRE LANGUE
© Dunforce 2020
Made in Bordeaux, Barcelona & San Francisco