Common use of Non-compliance with the Clauses and termination Clause in Contracts

Non-compliance with the Clauses and termination. Without prejudice to any provisions of Regulation (EU) 2016/679 and/or Regulation (EU) 2018/1725, in the event that the processor is in breach of its obligations under these Clauses, the controller may instruct the processor to suspend the processing of personal data until the latter complies with these Clauses or the contract is terminated. The processor shall promptly inform the controller in case it is unable to comply with these Clauses, for whatever reason. The controller shall be entitled to terminate the contract insofar as it concerns processing of personal data in accordance with these Clauses if: the processing of personal data by the processor has been suspended by the controller pursuant to point (a) and if compliance with these Clauses is not restored within a reasonable time and in any event within one month following suspension; the processor is in substantial or persistent breach of these Clauses or its obligations under Regulation (EU) 2016/679 and/or Regulation (EU) 2018/1725; the processor fails to comply with a binding decision of a competent court or the competent supervisory authority/ies regarding its obligations pursuant to these Clauses or to Regulation (EU) 2016/679 and/or Regulation (EU) 2018/1725. The processor shall be entitled to terminate the contract insofar as it concerns processing of personal data under these Clauses where, after having informed the controller that its instructions infringe applicable legal requirements in accordance with Clause 7.1 (b), the controller insists on compliance with the instructions. Following termination of the contract, the processor shall, at the choice of the controller, delete all personal data processed on behalf of the controller and certify to the controller that it has done so, or, return all the personal data to the controller and delete existing copies unless Union or Member State law requires storage of the personal data. Until the data is deleted or returned, the processor shall continue to ensure compliance with these Clauses. Controller(s): [Identity and contact details of the controller(s), and, where applicable, of the controller’s data protection officer] | Name ▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇▇ | Address ▇▇▇▇▇▇▇▇▇ ▇▇▇▇/▇▇, ▇▇▇▇▇ ▇▇▇▇▇, ▇▇ ▇▇▇▇▇ ▇▇. No. 75263815 Signature and accession date: March 17, 2022 Categories of data subjects whose personal data is processed Processor processes personal data of the users of the Software. This can be ● Admin Users (persons who are entitled to manage content and configuration of Product Fruits) or ● End Users (persons who use the Customer Application together with Product Fruits in-app assistance (content edited by Admin users) and who can be e.g. Customer's clients, prospective clients and/or Customer´s employees). Function of processed data category Data categories processed by Processor if data subject is an Admin User Data categories processed by Processor if data subject is an End User Identifier Email address ID Optional*: email address Metadata for secure operation of systems IP address, URL, browser type and version, time zone and language settings of users. Custom attributes Roles & Permissions, Login information Optional*: Attributes that are defined by Customer Interaction data of User with Product Fruits Audit log of changes made to configuration and content elements Usage of Product Fruits content elements (e.g. Tour played, Announcement seen, ...) Interaction data of User with Customer Application Optional*: Usage of specifically defined features in Customer Application Optional*: Interactions (e.g. page visits, clicks) in Customer Application Product Fruits provides a Digital Adoption Platform as a Cloud Software as a Service to help users to use Customer Applications by providing i n-app assistance.

Non-compliance with the Clauses and termination. Without prejudice to any provisions of Regulation (EU) 2016/679 and/or Regulation (EU) 2018/1725, in the event that the processor is in breach of its obligations under these Clauses, the controller may instruct the processor to suspend the processing of personal data until the latter complies with these Clauses or the contract is terminated. The processor shall promptly inform the controller in case it is unable to comply with these Clauses, for whatever reason. The controller shall be entitled to terminate the contract insofar as it concerns processing of personal data in accordance with these Clauses if: the processing of personal data by the processor has been suspended by the controller pursuant to point (a) and if compliance with these Clauses is not restored within a reasonable time and in any event within one month following suspension; the processor is in substantial or persistent breach of these Clauses or its obligations under Regulation (EU) 2016/679 and/or Regulation (EU) 2018/1725; the processor fails to comply with a binding decision of a competent court or the competent supervisory authority/ies regarding its obligations pursuant to these Clauses or to Regulation (EU) 2016/679 and/or Regulation (EU) 2018/1725. The processor shall be entitled to terminate the contract insofar as it concerns processing of personal data under these Clauses where, after having informed the controller that its instructions infringe applicable legal requirements in accordance with Clause 7.1 (b), the controller insists on compliance with the instructions. Following termination of the contract, the processor shall, at the choice of the controller, delete all personal data processed on behalf of the controller and certify to the controller that it has done so, or, return all the personal data to the controller and delete existing copies unless Union or Member State law requires storage of the personal data. Until the data is deleted or returned, the processor shall continue to ensure compliance with these Clauses. Controller(s): [Identity and contact details of the controller(s), and, where applicable, of the controller’s data protection officer] | Name ▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇▇ | Address ▇▇▇▇▇▇▇▇▇ ▇▇▇▇/▇▇, ▇▇▇▇▇ ▇▇▇▇▇, ▇▇ ▇▇▇▇▇ ▇▇. No. 75263815 Signature and accession date: March 17, 2022 Categories of data subjects whose personal data is processed Processor processes personal data of the users of the Software. This can be ● Admin Users (persons who are entitled to manage content and configuration of Product Fruits) or ● End Users (persons who use the Customer Application together with Product Fruits in-app assistance (content edited by Admin users) and who can be e.g. Customer's clients, prospective clients and/or Customer´s employees). Function Categories of personal data processed data category Data categories processed by Processor if data subject is an Admin User Data categories processed by Processor if data subject is an End User Identifier Identifier Email address ID OptionalIDOptional*: email address Metadata for secure operation of systems IP address, URL, browser type and version, time zone and language settings of users. Custom attributes Roles & Permissions, Login information Optional*: Attributes that are defined defined by Customer Interaction data of User with Product Fruits Audit log of changes made to configuration configuration and content elements Usage of Product Fruits content elements (e.g. Tour played, Announcement seen, ...) Interaction data of User with Customer Application Optional*: Usage of specifically defined specifically defined features in Customer Application Optional*: Interactions (e.g. page visits, clicks) in Customer Application Product Fruits provides a Digital Adoption Platform as a Cloud Software as a Service to help users to use Customer Applications by providing i n-app assistance.

Non-compliance with the Clauses and termination. 9.1 Without prejudice to any provisions of Regulation (EU) 2016/679 and/or Regulation (EU) 2018/17252016/679, in the event that the processor is in breach of its obligations under these Clauses, the controller may instruct the processor to suspend the processing of personal data Personal Data until the latter complies with these Clauses or the contract this Agreement is terminated. The processor shall promptly inform the controller in case it is unable to comply with these Clauses, for whatever reason. . 9.2 The controller shall be entitled to terminate the contract this Agreement insofar as it concerns processing of personal data Personal Data in accordance with these Clauses if: : 9.2.1 the processing of personal data Personal Data by the processor has been suspended by the controller pursuant to point (a) Clause 9.1 and if compliance with these Clauses is not restored within a reasonable time and in any event within one month following suspension; ; 9.2.2 the processor is in substantial or persistent breach of these Clauses or its obligations under Regulation (EU) 2016/679 and/or Regulation (EU) 2018/17252016/679; or 9.2.3 the processor fails to comply with a binding decision of a competent court or the competent supervisory authority/ies regarding its obligations pursuant to these Clauses or to Regulation (EU) 2016/679 and/or Regulation (EU) 2018/1725. 2016/679. 9.3 The processor shall be entitled to terminate the contract this Agreement insofar as it concerns processing of personal data Personal Data under these Clauses where, after having informed the controller that its instructions infringe applicable legal requirements in accordance with Clause 7.1 (b)7.1, the controller insists on compliance with the instructions. . 9.4 Following termination of the contractthis Agreement, the processor shall, at the choice of the controller, delete all personal data Personal Data processed on behalf of the controller and certify to the controller that it has done so, or, or return all the personal data Personal Data to the controller and delete existing copies unless Union or Member State law requires storage of the personal dataPersonal Data. Until the data Personal Data is deleted or returned, the processor shall continue to ensure compliance with these Clauses. Controller(s): [Identity and contact details of the controller(s), and, where applicable, of the controller’s data protection officer] | Name ▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇▇ | Address ▇▇▇▇▇▇▇▇▇ ▇▇▇▇/▇▇, ▇▇▇▇▇ ▇▇▇▇▇, ▇▇ ▇▇▇▇▇ ▇▇. No. 75263815 Signature and accession date: March 17, 2022 Categories of data subjects whose personal data is processed Processor processes personal data of the users of the Software. This can be ● Admin Users (persons who are entitled to manage content and configuration of Product Fruits) or ● End Users (persons who use the Customer Application together with Product Fruits in-app assistance (content edited by Admin users) and who can be e.g. Customer's clients, prospective clients and/or Customer´s employees). Function of processed data category Data categories processed by Processor if data subject is an Admin User Data categories processed by Processor if data subject is an End User Identifier Email address ID Optional*: email address Metadata for secure operation of systems IP address, URL, browser type and version, time zone and language settings of users. Custom attributes Roles & Permissions, Login information Optional*: Attributes that are defined by Customer Interaction data of User with Product Fruits Audit log of changes made to configuration and content elements Usage of Product Fruits content elements (e.g. Tour played, Announcement seen, ...) Interaction data of User with Customer Application Optional*: Usage of specifically defined features in Customer Application Optional*: Interactions (e.g. page visits, clicks) in Customer Application Product Fruits provides a Digital Adoption Platform as a Cloud Software as a Service to help users to use Customer Applications by providing i n-app assistance.