Barco XMS (Virtual) Edge Product Specific End User License Agreement^[6]

THIS PRODUCT SPECIFIC USER LICENSE AGREEMENT (EULA) TOGETHER WITH THE BARCO GENERAL EULA ATTACHED HERETO SET OUT THE TERMS OF USE OF THE SOFTWARE.

PLEASE READ THIS DOCUMENT CAREFULLY BEFORE OPENING OR DOWNLOADING AND USING THE SOFTWARE.

DO NOT ACCEPT THE LICENSE, AND DO NOT INSTALL, DOWNLOAD, ACCESS, OR OTHERWISE COPY OR USE ALL OR ANY PORTION OF THE SOFTWARE UNLESS YOU CAN AGREE WITH ITS TERMS AS SET OUT IN THIS LICENSE AGREEMENT.

1. Metrics

XMS (Virtual) Edge is software to monitor and manage ClickShare and wePresent devices of Barco (“Software”). The Software is available in two models:

• XMS Edge appliance shall be invoiced and paid as per applicable prices and applicable purchase order acknowledged by Barco; or
• XMS Virtual Edge is offered as a free of charge virtual machine .OVA file.

The Software is available as a perpetual license.

A license is not bound to a single individual user, but grants usage rights to all users designated to operate the Software.

2. Enabling hardware

The Software must be used in combination with an on-premise XMS Edge instance (virtual machine or appliance).

3. Support

The provision of updates, upgrades and helpdesk support are included in the license for the applicable support period and the service levels purchased under the applicable license.

Barco will provide support for the last updates on the two (2) last minor upgrade branches of a major upgrade release version of the Software.

If a new major upgrade version of the Software is released by Barco, then Barco may send an End-Of-Life notification for the previous major upgrade version of the Software. This End-Of-Life notification will specify the end of the support period for the previous major upgrade release version.

Software patches are solely provided as part of a new release, and you shall upgrade your use of the Software to the latest release made available by Barco to implement any such patches.

As used above,

• “Minor Upgrade” shall mean all functional and/or feature enhancements that are incorporated and released at the discretion of Barco from time to time, to improve and/or otherwise enhance the product(s) functionality. Barco defines the Minor Upgrades for a specified software version as being those releases with the same software version number in the first position and a minor upgrade number increase as follows from x.y.z to x.y+1.z)
• “Major Upgrade” shall mean a significant change in the software functionality and/or architecture deemed by Barco to be so. Installation and use of Major Upgrades may require modification of existing projects and templates; such modifications are not included under this document. The release notes will explain the upgrade path; the services to implement Major Upgrade modifications including making required modifications to existing software, templates and integration and testing, are not covered by this document. Barco defines the Major Upgrades for a specified software version as follows e.g., major upgrade number increase from x.y.z to x+1.y.z).

4. Terms of Use

The Software can be used as set out in the Barco EULA attached hereto. The provisions of this Product Specific EULA override the Barco generic EULA in case of conflicts or inconsistencies.

In case of (inadvertent or other) non-compliance (e.g. where the actual use overshoots the use authorized hereunder), Barco shall have the option to (i) cause you to procure such additional licenses required as per the actual usage and (ii) to suspend access to the Software until the non-compliance is remedied, failing of which Barco may terminate the License Agreement as set out herein.

5. Privacy

You are the controller (as defined under applicable data protection law) for personal data which are being processed via the Software. Therefore, you remain responsible for complying with applicable data protection law and for implementing and maintaining privacy protection and security measures (especially for components that a system integrator provides or controls).

Your data (including the data of individuals you permit to use the Service) are treated in accordance with the Agreement. Any personal data are treated in accordance with the Exhibit DPA, attached hereto and accepted as part of this EULA, and the Product Privacy Policy is accessible on https://www.barco.com/en/about-barco/legal/privacy-policy/product-privacy-statement.

Via the Software, Barco may gather (i) technical information about the functioning and the functionality of the products which are connected through the Software, and/or (ii) information as provided by you or generated by your use of the Software (“Functional Information”). Barco may make use of such Functional Information for purposes of analytics, for developing and improving products and services, offering products and services to your organization and/or allowing third parties to access such Functional Information in accordance with Barco’s product privacy statement accessible on https://www.barco.com/en/about-barco/legal/privacy-policy/product-privacy-statement.

6. Other Terms

• Open Source components

  The Software contains software components released under an Open Source license.

  A list of the third party software components used (open source and other) is available on the Barco website (www.barco.com/opensourcesoftware/xms/).The applicable license terms, copyright notices and, as relevant, source code access apply as set out in the Barco EULA attached hereto.

• Safe and proper use of Devices

  You remain solely responsible to operate any device which is controlled, monitored or analyzed by the Software in accordance with the operating instructions and safety guidelines as intended and/or recommended. Barco disclaims any liability resulting from an improper use of a device, even if such device is being controlled, monitored or analyzed by the Software.

BARCO END USER LICENSE AGREEMENT^[6]

By accepting these terms (through tick box or other mechanism designed to acknowledge agreement to the terms of an electronic copy of this License Agreement), or by installing, downloading, accessing, or otherwise copying or using all or any portion of the Software (as defined below), (i) you accept this License Agreement on behalf of the entity for which you are authorized to act (e.g., your employer) and you agree to act in a manner consistent with this License Agreement (or, if there is no such entity for which you are authorized to act, you accept this License Agreement on behalf of yourself as an individual and acknowledge that you are legally bound by this Agreement), and (ii) you represent and warrant that you are duly empowered by the end user in case you act on behalf of such entity.

These terms apply to your use of the Software as of and for the original Term of your license. When you renew or purchase an additional license, the then current version of this License Agreement shall apply and will remain unchanged during the term of that license and/or in respect of such changed elements. The other contract documents (Product Specific EULA; Maintenance and Support Agreement, if and when provided alongside with this document) applies in addition to these terms and constitute the entire License Agreement. You acknowledge that an electronic copy of this Agreement shall have the same proving value as a hard copy signed by the parties.

If you are unwilling to accept this License Agreement on these terms, or you do not have the right, power and authority to act on behalf of and bind such entity (or yourself as an individual if there is no such entity), DO NOT SELECT THE “I ACCEPT” BUTTON OR OTHERWISE CLICK ON ANY BUTTON OR OTHER MECHANISM DESIGNED TO ACKNOWLEDGE AGREEMENT, AND DO NOT INSTALL, DOWNLOAD, ACCESS, OR OTHERWISE COPY OR USE ALL OR ANY PORTION OF THE SOFTWARE.

1. Definitions

“Affiliate” means any corporation or other entity directly or indirectly, controlling, controlled by or under common control with such corporation or entity.

For the purpose of the above, “control” shall mean (i) the ownership or control, directly or indirectly, of fifty percent (50%) or more of the equity capital or the shares or voting rights in the corporation or other entity in question or (ii) the control of the composition of the board of directors of the corporation or other entity in question.

“Barco” means Barco NV (company number 0473.191.041) with company address at Beneluxpark 21, 8500 Kortrijk, Belgium, or its designated Affiliate licensing to you the proprietary software which is the subject matter of this Agreement.

“Documentation” means all technical, reference and installation manuals, user guides, published performance specifications and other written documentation provided by Barco generally to its licensees with respect to the Software, along with any modifications and updates thereto;

“DRM” means Barco’s digital rights management platform used to provide access to and access conditions of the Software.

“License Agreement” means this Barco End User License Agreement (EULA), incorporating the terms of the Product Specific EULA, and any modifications thereof as set out herein.

“Product Specific EULA” means the supplemental software terms applicable

“Software” means the Barco proprietary software which is being licensed hereunder, released in object code only.

“Term” means the period set out in article 9.1 hereof.

“you” means the entity on behalf of which these terms are accepted, and any of its representatives having access to the Software.

2. License Grant

2.1 ‘License Scope’. Subject to compliance with all license terms and payment of applicable fees, Barco grants you a limited, non-exclusive, non-assignable, non-transferable user license (without the right to grant sublicenses). Save for the Product Specific EULA or any broader license terms confirmed through the DRM tool, (i) the license under this License Agreement applies to one (1) copy of the Software to be used on one single computing device and (ii) installation on a computing device that may be concurrently accessed by more than one user shall not constitute a permitted use and a separate license is required for each active user connected to a computing device on which the Software is being used

2.2 ‘ License Type’. The applicable license type, and your rights in time, deployment and usage, are further detailed in the Product Specific EULA (in the absence of which the scope shall be as set in article2.1 hereof).

2.3 ‘License restrictions’.

Intended Use. You agree to use the Software solely as permitted by this License Agreement (and any Product Specific EULA made part of it) and in a matter consistent with its design and Documentation.

No Transfer (License Agreement). You agree not to transfer, assign or sublicense your license rights to any other person or entity, unless Barco’s prior written consent is obtained (which consent shall be reasonably given, but may come with a fee).

No Transfer (Software). If you deactivate or uninstall the Software from the computer device on which it was originally installed, this will terminate this License Agreement unless otherwise and specifically approved by Barco. You agree not to use the Software in association with other hardware or software that allows to pool connections, reroute information, reduce the number of devices or users that directly access or use the Software, or reduce the number of devices or users the Software directly manages (sometimes referred to as “multiplexing” or “pooling”) or otherwise attempt to reduce the number of licenses of any type that you need.

Authorized Users. The use of the Software is restricted to persons within your organization, or any third party representatives operating under your responsibility and control, provided any such persons have accepted the terms of this License Agreement. You agree not to use or permit the Software to be used to perform services for third parties, whether on a service bureau or time sharing basis or otherwise, without the prior written authorization of Barco. You shall not lease, rent, or otherwise transfer or grant a security or other interest in the Software.

No Modifications. You shall not make error corrections to or otherwise modify or adapt the Software or create derivative works based upon the Software, or permit third parties to do the same.

No Reverse Engineering. You agree not to reverse engineer or decompile, decrypt, disassemble or otherwise reduce the Software to human-readable form, except to the extent otherwise expressly permitted under applicable law notwithstanding this restriction, or except to the extent Barco is legally required to permit such specific activity pursuant to any applicable open source license.

Code required to ensure interoperability. To the extent required by law, and at your written request, Barco shall provide you with the interface information needed to achieve interoperability between the Software and another independently created program used by you, on payment of Barco’s applicable fee (if any). You shall observe strict obligations of confidentiality with respect to such information and shall use such information in compliance with terms and conditions which Barco makes applicable.

No Unbundling. The Software may include various applications and components, may support multiple platforms and languages, and may be provided on multiple media or in multiple copies. Nonetheless, the Software is designed and provided to you as a single product to be used as a single product on devices as permitted herein. You agree not to unbundle the component parts of the Software for use on different computer devices.

Territory. You agree to use the Software solely in the territory or region where you obtained the Software from Barco or its authorized reseller or as otherwise stated in the Documentation. Any export if permitted shall comply with any applicable (export) laws and regulations.

2.4 ‘Your Infrastructure’. You remain responsible to procure and maintain hardware, operating system, network and other infrastructure (the “Infrastructure”) required to operate the Software and to keep such Infrastructure functioning and virus-free. You acknowledge that the Software is a complex computer software application, and that the performance thereof may vary depending hardware platform, software interactions and configuration. You acknowledge that the Software is not designed and produced specifically to meet your specific requirements and expectations and the selection of the Software by you is entirely your own choice and decision.

3. Ownership. Intellectual Property Rights.

3.1 ‘Ownership’. Any Software is licensed, not sold to you, on a non-exclusive basis for use only under the terms of this License Agreement, and Barco and its suppliers reserve all rights not expressly granted to you. You may own the carrier on which the Software is provided, but the Software is owned and copyrighted by Barco or by third party suppliers. Your license confers no title or ownership and is not a sale of any rights in the Software or its Documentation.

3.2 ‘Third Party Materials’. The Software may contain or require the use of certain third party technology (whether proprietary or open source software), identified by Barco in the Documentation, readme file, third-party click-accept, on https://www.barco.com or elsewhere (the “Identified Components”). Identified Components may be subject to additional and/ or different terms and you agree that the Identified Components are licensed under the terms, disclaimers and warranties of their respective licenses which in the forthcoming case shall override the provisions of this License Agreement.

3.3 ‘Source Code Access’. To the extent required under third party (open source) license terms, and for a period of 36 months following your acceptance of this License Agreement, Barco shall provide access to the source code controlled by a third party (open source) license, via email or download link. If the relevant license terms require so, you may require Barco (attn. its legal department, at the address stated above) to obtain such code on tangible medium against payment of the cost of media, shipping and handling.

3.4 ‘Copyright’. The Software is protected by national and international laws and treaty provisions. Copyright on the Software components belongs to the respective initial copyright holder, each additional contributor and/or their respective assignee(s), as may be identified in the Software Documentation, source code, README file, or otherwise. You shall not remove or obscure or otherwise alter the respective copyrights.

3.5 Trademarks. Brand and product names mentioned in relation to the Software may be trademarks, registered trademarks or copyrights of their respective (third party) holders. All such brand and product names mentioned in relation to the Software serve as comments or examples and are not to be understood as advertising for the products or their manufacturers.

3.6 ‘Trade Secrets’. You agree not to disclose, provide or otherwise make available trade secrets contained within the Software and Documentation in any form to any third party without the prior written consent of Barco. You shall implement reasonable security measures to protect such trade secrets.

4. Support

4.1 ‘Principle’. Barco is under no obligation to provide support in respect of the Software, except as included in a Product Specific EULA and/or the extent you have entered into a separate maintenance agreement. Any unauthorized use of the Software may prohibit Barco from providing such support.

4.2 ‘Support policy’. Barco may provide to you maintenance releases to address bugs or security issues in the Software and you agree to install the same. Any other updates or upgrades can be obtained under the terms of a separate software maintenance which is being offered to you. You may have a right to downgrade your licensed Software application to (only) such earlier version of the same Software application as agreed by Barco in the forthcoming case.

Additional functionality may be licensed to you with and subject to additional or different terms.

5. Warranty

EXCEPT FOR THE LIMITED WARRANTY THAT MAY APPLY AS PER THE PRODUCT SPECIFIC EULA, YOU UNDERSTAND THAT THE SOFTWARE IS BEING PROVIDED TO YOU "AS IS". BARCO DOES NOT MAKE NOR INTENDS TO MAKE ANY WARRANTIES OR REPRESENTATIONS, EXPRESS OR IMPLIED AND SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT OF INTELLECTUAL PROPERTY AND DOES NOT WARRANT THAT THE SOFTWARE WILL BE FREE FROM ERRORS OR THAT YOU WILL BE ABLE TO OPERATE THE SOFTWARE WITHOUT INTERRUPTIONS OR THAT SUCH ERRORS WILL BE CORRECTED BY BARCO. EXCEPT FOR ANY MAINTENANCE AND SUPPORT OBLIGATIONS SEPARATELY AGREED, YOU ARE SOLELY RESPONSIBLE FOR ALL COSTS AND EXPENSES ASSOCIATED WITH RECTIFICATION, REPAIR OR DAMAGE CAUSED BY SUCH ERRORS. IN THE FORTHCOMING CASE, THE WARRANTY DISCLAIMER FOUND IN APPLICABLE OPEN SOURCE LICENSES SHALL OVERRIDE THE PROVISIONS OF THIS LICENSE AGREEMENT.

6. Compliance and Enforcement

6.1 ‘Reporting and Audit’. In addition to good practice record-keeping obligations, you agree to report the use of the Software and relating billing metrics in the DRM or otherwise as agreed. You grant to Barco and its designated auditors, at Barco’s expenses, the right to verify your Software deployments and to examine your books, records and accounts during your normal business hours so as to verify your compliance with the License Agreement. In the event such audit discloses non-compliance with your payment obligations hereunder, you shall promptly pay to Barco the appropriate license fees plus the reasonable cost of conducting the audit.

6.2 ‘Enforcement’. Barco shall notify the then known user through the DRM (failing of which, otherwise in writing) of a substantial non-compliance, based on the triggers as per the Product Specific EULA. The non-compliance may result in an immediate or graduate denial of service (i.e. termination of the rights granted under the License Agreement), in part or in full, all based on the level of severity of the non-compliance [as per the Product Specific EULA].

6.3 ‘Indemnification’. YOU HEREBY AGREE TO INDEMNIFY, DEFEND AND HOLD HARMLESS BARCO AND BARCO’S AFFILIATES FROM AND AGAINST ANY AND ALL ACTIONS, PROCEEDINGS, LIABILITY, LOSS, DAMAGES, FEES AND COSTS (INCLUDING ATTORNEY FEES), AND OTHER EXPENSES INCURRED OR SUFFERED BY BARCO ARISING OUT OF OR IN CONNECTION WITH ANY BREACH BY YOU OF THE TERMS OF THIS SOFTWARE LICENSE.

7. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, BARCO ACCEPTS NO LIABILITY FOR ANY DAMAGES, LOSSES OR CLAIMS YOU OR ANY THIRD PARTY MAY SUFFER AS A RESULT OF YOUR USE OF THE SOFTWARE. IN JURISIDCTIONS WHERE BARCO’S LIABILITY CANNOT BE EXCLUDED, BARCO’S LIABILITY FOR DIRECT DAMAGES SHALL BE LIMITED TO AN AMOUNT OF 250 EURO IN THE AGREGATE (OR TO THE MAXIMUM EXTENT PERMITTED BY LAW WHERE NO FURTHER EXCLUSION IS LEGALLY ALLOWED).

TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT WILL BARCO BE LIABLE FOR ANY INDIRECT, SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS OR DAMAGES OF ANY KIND WHICH MAY ARISE OUT OF OR IN CONNECTION WITH THE SOFTWARE, THIS SOFTWARE LICENSE OR THE PERFORMANCE OR PURPORTED PERFORMANCE OF OR FAILURE IN THE PERFORMANCE OF BARCO’S OBLIGATIONS UNDER THIS SOFTWARE LICENSE OR FOR ANY ECONOMIC LOSS, LOSS OF BUSINESS, CONTRACTS, DATA, GOODWILL, PROFITS, TURNOVER, REVENUE, REPUTATION OR ANY LOSS ARISING FROM WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION OF THE SOFTWARE AND ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES WHICH MAY ARISE IN RESPECT OF USE OF THE SOFTWARE, EVEN IF BARCO HAS BEEN ADVISED OF THE POSSIBILITY OF THEIR OCCURRENCE.

8. Confidentiality

8.1 ‘Confidential Information’. You will be receiving information which is proprietary and confidential to Barco during the negotiation and Term of this License Agreement. “Confidential Information” shall include (i) the underlying logic, source code and concepts of the Software or other trade secrets (the access to which is strictly limited as expressly set out herein), (ii) any information designated as confidential by Barco or which has the necessary quality of confidence about it and (iii) any license key provided by Barco to you hereunder.

8.2 ‘Non-Disclosure’. You agree not to divulge any Confidential Information to any persons without Barco's prior written consent provided that this article 8 shall not extend to information which was rightfully in your possession prior to the commencement of the negotiations leading to this License Agreement, which is already public knowledge or becomes so at a future date (otherwise than as a result of a breach of this article 8), to the extent it is required to be disclosed by law or which is trivial or obvious. You agree not to use any Confidential Information except for the authorized purpose hereunder. The foregoing obligations as to confidentiality shall survive the Term of this License Agreement.

9. Term and Termination

9.1 ‘Term’. The duration of this License Agreement will be from the date of your acceptance (as set forth above) of the Software (whereby you acknowledge that use of the Software implies acceptance), until you de-activate the Software, discontinue the use of the device on which the Software was first installed for its intended use or the expiration of the limited time period set out in the Product Specific EULA, whichever comes first.

9.2 ‘Termination’. You may terminate this License Agreement at any time by destroying all copies of the Software then in your possession and returning all Documentation and associated materials, to Barco or the appointed Barco reseller that sold or provided these to you. Barco may terminate this License Agreement, immediately or gradually in accordance with article 6 hereof, by informing you at any time if any user is in breach of any of the License Agreement's terms.

9.3 ‘Consequences of Termination’. All rights associated with the use of the Software and the acquisition of updates and upgrades cease once the contract is terminated or expires. Cancelling your license will stop recurring fees going forward, but will not retroactively refund current or past payments.

10. Other relevant terms

10.1 ‘Data Protection’. Barco may, without restriction, save, process, use and reuse any data obtained in connection with the sales or supply of the Services. Barco shall take suitable technical and organizational measures to protect personal data received against loss and unlawful processing.

10.2 ‘Functional Information’. Via the Software, Barco may gather technical, aggregated and/or statistical information about (i) the functioning and the functionality of the products which are connected through the Software, and/or (ii) as provided by You or generated by Your use of the Software (“Functional Information”). Barco and its service providers may process and use such Functional Information for analytics purposes, for developing and improving products and services, offering products and services to Your organization, all based on the legitimate interest of Barco of evaluating the market, assessing and improving its products and conducting research and development. This Section shall survive the term of this Agreement.

10.3 Return of Data. Upon Your request made within 60 days after the termination or expiration of this Agreement, Barco will make User Data available to You for export or download as provided in the Documentation. After such 60-day period, Barco shall have no obligation to maintain or provide any User Data, and as provided in the Documentation will thereafter delete or destroy all copies of User Data in Barco’s systems or otherwise in Barco’s possession or control, unless legally prohibited.

11. Final Clauses

11.1 ‘Entire Agreement’. This License Agreement is the only understanding and agreement between you and Barco for use of the Software. This License Agreement supersedes all other communications, understandings or agreements we had prior to this License Agreement (with the exception of any continuing confidentiality agreement).

11.2 ‘Notices’. Notices can be validly delivered to the parties’ last known address.

11.3 ‘Severability’. This License Agreement shall not be altered, amended or varied. If any provision of this License Agreement is determined to be illegal, void or unenforceable, or if any court of competent jurisdiction in any final decision so determines, this License Agreement shall continue in full force save that such provision shall be deemed to be deleted with effect from the date of such decision, or such earlier date, and shall be replaced by a provision which is acceptable by law and which embodies the intention of this License Agreement a close as possible.

11.4 ‘Export’. You acknowledge that this Software may be subject to U.S. or other governments Export Jurisdiction. You agree to comply with all applicable international and national laws that apply to the Software, including the U.S. Export Administration Regulations, as well as end-user, end-use, and destination restrictions issued by the U.S. or other governments.

11.5 ‘Survival’. The provisions of articles 3, 5, 6, 7 and 8 will survive the termination of this License Agreement, howsoever caused, but this will not imply or create any continued right to use the Software after termination of this License Agreement.

11.6 ‘Assignment’. Barco shall be entitled to sub-contract all or any of Barco's obligations hereunder to a third party and/or any of Barco's Affiliates.

11.7 ‘Law and Jurisdiction’. The construction, validity and performance of this License Agreement shall be governed in all respects by the laws of Belgium, without recourse to its conflict of law principles. All disputes arising in any way out of or affecting this License Agreement shall be subject to the exclusive jurisdiction of the courts of Kortrijk, without prejudice to enforcement of any judgment or order thereof in any other jurisdiction. The United Nations Convention on Contracts for the International Sale of Goods (the "Convention") shall not apply to this License Agreement, however, if the Convention is deemed by a court of competent jurisdiction to apply to this License Agreement, Barco shall not be liable for any claimed non-conformance of the Software under Article 35(2) of the Convention.

YOU HEREBY ACKNOWLEDGE TO HAVE READ, UNDERSTOOD AND ACCEPTED TO BE BOUND BY ALL THE TERMS AND CONDITIONS OF THIS LICENCE AGREEMENT AS INDICATED ABOVE

Exhibit DPA — Data Processing Agreement

This Data Processing Agreement (“Exhibit DPA”) is an integral part of this End User License Agreement (the “EULA”) and applies to the extent your data includes personal data within the meaning of the GDPR.

WHEREAS under the Agreement, you procure identified software provided by Barco (which is referred to herein as the ”Connected Services”);

WHEREAS in rendering the Connected Services, Barco (acting as Data Processor) may from time to time be provided with, or have access to information of you (acting as Data Controller) and the individuals you permit to use the Connected Services, and this information may qualify as personal data within the meaning of the GDPR;

WHEREAS you (acting as Data Controller) engages Barco as a commissioned processor acting on your behalf as stipulated in art. 28 GDPR;

WHEREAS European data protection laws require data controllers in EU/EEA countries to provide adequate protection for transfers of personal data to non-EU/EEA countries and such protection can be achieved by requiring processors to enter into the Standard Contractual Clauses for the Transfer of Personal Data to Processors Established in Third Countries (“EC Standard Contractual Clauses”) pursuant to Commission Decision 2010/87/EU of 5 February 2010 as set out in annex 3 1;

WHEREAS this DPA contains the terms and conditions applicable to the processing of such personal data by Data Processor as a commissioned data processor of Data Controller with the aim to ensure that the Parties comply with the Applicable Data Protection Laws.

1. Definitions

For the purpose of this DPA, the terminology and definitions as used in the GDPR shall apply. In addition to that,

“Affiliate” means any of Affiliate(s) of End User which (a) is subject to the data protection laws and regulations of the European Union, the EEA, the United Kingdom and Switzerland, and (b) is permitted to use the Connected Services.

“Applicable Data Processor law” means the Data Protection Laws that are applicable to Barco as the Data Processor.

“Applicable Data Protection Law” means the Data Protection Laws applicable to the Data Controller.

“Barco” means Barco NV, with registered office at President Kennedypark 35, 8500 Kortrijk Belgium and its subsidiaries.

“Customer” is defined in the Agreement.

“Data Controller” means, for the construction of this Exhibit, End User.

“Data Importer” means the Data Processor or Sub-Processor that is located in a Third Country.

“Data Exporter” means the Data Controller if (a) (i) the Data Controller is located in the EEA or (ii) is located outside of the EEA and is subject to GDPR, and (b) Data Controller transfers personal data to a Data Importer.

“Data Protection Law” means the GDPR and the laws and regulations containing rules for the protection of Data Subjects with regard to the Processing, including without limitation security requirements for and the free movement of Personal Data, implementing or completing the GDPR.

“EEA” means all member states of the European Union (excluding the United Kingdom), Norway, Iceland, Liechtenstein and, for the purposes of this DPA, the United Kingdom and Switzerland.

“Employee” means any employee, agent, contractor, work-for-hire or any other person working under the direct authority of Barco. However, “Employees” do not include “Sub-Processors”.

“End User” is defined in the Agreement, and shall mean a reference to you.

“End User Data” means Personal Data for which End User is the Data Controller under Applicable Data Protection law, which are being shared with Barco in the provision of the Connected Services.

“GDPR” means regulation 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

“Non-Adequate Country” means a country that is deemed not to provide an adequate level of protection of Personal Data within the meaning of the articles 44-45 GDPR.

“Sub-Processor” means any Processor engaged by Barco that Processes End User Data.

“Third Party” means any party other than Barco, Sub-Processor, Customer or End User.

2. Instructions

2.1 To the extent Barco Processes End User Data necessary for the provision of the Connected Services it shall act as a Data Processor on behalf of End User, being the Data Controller.

2.2 Customer is obliged to ensure, and to make any due arrangements with End User, that any instruction given to Barco is in compliance with Applicable Data Protection Law and is endorsed by End User.

2.3 In the provision of the Connected Services, Barco shall Process the End User Data only on documented instructions from Data Controller (that is, End User or instructions given by Customer acting on behalf of End User), unless Barco is required to Process End User Data by Union or by a Member State law to which Barco is subject; in such case, Barco shall inform the End User of that legal requirement before Processing, unless that law prohibits such information on important grounds of public interest.

2.4 The Agreement and this DPA are Data Controller's complete and final Instructions to Barco with regard to the Processing.

2.5 Annex I to this DPA sets out certain information regarding the Processing of the End User Data as required by article 28 of the GDPR (and possibly, equivalent requirements of other Data Protection Laws).

2.6 If Barco thinks that an instruction of Data Controller infringes the Applicable Data Processor Law, Barco shall point this out to Data Controller without undue delay.

2.7 Any further instructions that go beyond the instructions contained in this DPA or the Agreement must be within the subject matter of this DPA and the Agreement. If the implementation of such further instructions results in costs for Barco, Barco shall inform Data Controller about such costs with an explanation of the costs before implementing the instruction. Data Controller shall give further instructions generally in writing, unless the urgency or other specific circumstances require another form. Instructions in another form shall be confirmed in writing by Data Controller without undue delay.

3. Applicable law

3.1 When performing this DPA, Data Controller shall comply with the Applicable Data Protection Law and Barco shall comply with the Applicable Data Processor Law.

3.2 Each party shall deal with reasonable requests for assistance of the other party (including of End User) to ensure that the Processing complies with Applicable Data Protection Law.

4. Obligations of Data Controller

4.1 Data Controller Personal Data are lawfully obtained from Data Subject and are lawfully provided to Barco under the Applicable Data Protection Law;

• it provides Barco with Personal Data that are up-to-date and relevant for the Processing activities;
• it has provided Data Subject all necessary and relevant information with regard to the Processing of the Personal Data as required under the Applicable Data Protection Law; and
• the End User Data does not infringe any third-party rights.

4.2 Data Controller, agrees that it remains the contact point for Data Subject and that it will inform Data Subject about this. Should a Data Subject contact Barco with regard to correction or deletion of its Personal Data, Barco will use commercially reasonable efforts to forward such requests to End User.

5. Obligations of Barco

5.1 Security. Barco shall implement appropriate technical, physical and organisational security measures as specified in Annex II taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons to ensure a level of security appropriate to the risk and to protect End User Data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, and against all other forms of unlawful Processing including, but not limited to, unnecessary collection or further Processing.

5.2 Non-disclosure and confidentiality. Barco shall keep End User Data confidential and shall not disclose End User Data in any way to any Employee or Third Party without the prior approval of Data Controller, except where, (i) subject to this Section, the Disclosure is required for the performance of the Processing, or (ii) subject to Section 8.1 ii), where End User Data need to be disclosed to a competent public authority to comply with a legal obligation or as required for audit purposes. Barco shall provide the Employees access to End User Data only to the extent necessary to perform the Processing. Barco shall ensure that any Employee it authorises to have access to End User Data Processed on behalf of End User has committed himself to confidentiality or is under an appropriate statutory obligation of confidentiality.

6. Sub-Processors

6.1 Customer shall cause Data Controller to agree that Barco may use Sub-Processors to fulfill its contractual obligations under this DPA or to provide certain services on its behalf, such as providing support services or hosting services. The Sub-Processors that are currently engaged by Barco to carry out Processing activities on End User Data on behalf of End User are mentioned in Barco’s product privacy statement on www.barco.com.

6.2 Barco shall inform the Data Controller of any intended changes concerning the addition or replacement of Sub-Processors via Barco’s usual email notification process. Data Controller shall not unreasonably object to such changes.

6.3 Where Barco subcontracts (part of) the Processing of End User Data on behalf of End User, it shall do so only by way of a written agreement with the Sub-Processor which imposes the same or essentially the same data protection obligations on the Sub-Processor as are imposed on Barco under this DPA and which shall restrict the Sub-Processor to use the End User Data for any other purpose than the provision of the Connected Services. Barco remains liable for the Sub-Processor’s breach of its data protection obligations under such written agreement.

7. Audit and compliance

7.1 Barco shall, upon reasonable notice (no less than two (2) months) and not more than once every two years (unless there is a Personal Data Breach), allow its procedure and documentation to be inspected or audited by Data Controller (or the auditor of its choice, excluding any Barco competitor) during business hours in order to ascertain compliance with the obligations set forth in this DPA, in which case Barco shall make the processing systems, facilities and supporting documentation relevant to the Processing of End User Data available for an audit by End User. For the avoidance of doubt, the scope of such audit shall be limited to documents and records allowing the verification of Barco’s compliance with the obligations set forth in this DPA and shall not include financial documents or records of Barco or any documents or records concerning other customers of Barco.

8. Notifications of Disclosures and Personal Data Breaches

8.1 Barco shall use reasonable efforts to inform Data Controller as soon as reasonably possible if:

• it receives an inquiry, a subpoena or a request for inspection or audit from a competent public authority relating to the Processing, except where Barco is otherwise prohibited by law from making such disclosure;
• it intends to disclose Personal Data to any competent public authority; or
• it becomes aware of a Personal Data Breach.

8.2 In the event of a Personal Data Breach, Barco shall take reasonable remedial measures to preserve the confidentiality of the End User Data. Furthermore, Barco shall provide Data Controller the information reasonably requested by End User regarding the Personal Data Breach. This information will at least contain the following elements:

• a description of the nature of the Personal Data Breach, including the number and categories of Data Subject and personal data records affected;
• a description of the likely consequences of the Personal Data Breach; and
• a description how Barco proposes to address the Personal Data Breach, including any mitigation efforts.

8.3 Customer shall cause Data Controller to agree that an Unsuccessful Security Incident will not be subject to this Section 8. An “Unsuccessful Security Incident” is one that results in unauthorised access to End User Data or to any of Barco’s or Sub-Processor’s equipment or facilities storing End User Data, and may include, without limitation, pings and other broadcast attacks on firewalls or edge servers, port scans, unsuccessful log-on attempts, denial of service attacks, packet sniffing (or other unauthorised access to traffic data that does not result in access beyond headers) or similar incidents that did not result in an actual destruction, loss, alteration or unauthorised disclosure of Personal Data.

8.4. Barco’s obligation to report or respond to a Personal Data Breach under this Section 8 is not and will not be construed as an acknowledgement by Barco of any fault or liability of Barco with respect to the alleged Personal Data Breach.

9. Cooperation and assistance duty

9.1 Barco will assist Data Controller in the fulfilment of its obligation to respond to requests from Data Subjects, provided that (i) Data Controller has instructed Barco to do so by way of a written instruction and (ii) Data Controller reimburses Barco for the costs arising from this assistance.

9.2 Barco shall promptly inform Data Controller of any complaints, requests or enquiries received from a Data Subject, including but not limited to requests to rectify or erase End User Data or to object to the Processing of End User Data. Barco shall not respond directly to any complaints, requests or enquiries received from Data Subject without Data Controller’s prior written instruction, except where required by law.

9.3 Upon written request of Data Controller, Barco shall make available to the End User all information necessary to demonstrate compliance with the Applicable Data Protection Law.

9.4 Upon written request of Data Controller, Barco shall, taking into account the nature of the Processing and the information at its disposal, assist Data Controller in ensuring compliance with the obligations regarding security of the Processing, notification of Personal Data Breaches and mandatory data protection impact assessments (articles 32-36 GDPR).

9.5 Barco shall cooperate with the supervisory authorities in the performance of their duties.

10. Return and destruction of Personal Data

Upon termination of the provision of the Connected Services, Barco shall – at a reasonable fee - , at the option of Data Controller expressed in writing, return and/or delete the End User Data and copies thereof to End User, except to the extent applicable law provides otherwise. In that case, Barco shall no longer Process the End User Data, except to the extent required by applicable law.

11. Affiliates

11.1 The parties acknowledge and agree that, by providing the Connected Services, the Customer enters into the DPA on behalf of End User and, as applicable, in the name and on behalf of its or their Affiliates. Customer procures that End User and each Affiliate agree to be bound by the obligations under this DPA. All access to and use of the Connected Services by Affiliates must comply with the terms and conditions of the DPA and any violation of the terms and conditions of this DPA by an Affiliate shall be deemed a violation by End User.

11.2 Customer shall remain responsible for coordinating all communication with Barco under this DPA and be entitled to make and receive any communication in relation to this DPA on behalf of End User and any relevant Affiliates.

12. Liability

12.1 Barco indemnifies Customer and holds Customer harmless against all claims, losses or damages incurred by the End User and arising directly out of a breach by Barco of this DPA and/or the Applicable Data Processing Law provisions directed to Barco, unless Barco proves that it is not responsible for the event giving rise to the liability.

12.2 Customer indemnifies Barco and holds Barco harmless against all claims, losses or damages incurred by Barco and arising directly out of a breach of this DPA and/or the Applicable Data Protection Law by Customer or End User.

12.3 Each party’s liability will be limited to foreseeable, direct and personal damage suffered, excluding indirect, incidental, special or consequential damage and regulatory fines, even if advised of the possibility thereof. Indirect Damage shall mean damage or loss that do not directly and immediately result from an event giving rise to the liability, including but not limited to loss of earnings, business interruption, increase of personnel cost, failure to realize anticipated savings or benefits.

12.4 In any event and to the extent permitted by law, Barco’s aggregated maximum liability under this DPA will be limited to the amounts received for the provision of the Connected Services in the twelve months preceding the incident giving rise to liability.

13. Data transfer

13.1 Barco shall not transfer End User Data to any Non-Adequate Country outside the EEA or make any End User Data accessible from any such Non-Adequate Country without adequate protection.

13.2 Any transfer of Personal Data to a Non-Adequate Country shall be governed by the terms of the EC Standard Contractual Clauses (annex III) or other model clauses that have been approved by the EU commission or another competent public authority in accordance with the Applicable Data Processing Law. Barco shall conclude these clauses on behalf of End User. The Appendices of these clauses will contain the same or essentially the same information as this DPA. Barco and End User shall work together to apply for and obtain any permit, authorization or consent that may be required under Applicable Data Processing Law in respect of the implementation of this Section.

14. Termination of the DPA

This DPA shall continue in force until the termination or expiration of the Agreement (the “Termination Date”).

15. Entire Agreement

The following Annexes are attached hereto and made a part hereof:

• Annex I: Details of processing
• Annex II: Technical and organizational measures
• Annex III: EC Standard Contractual Clauses

Annex I — Details of Processing

This Annex 1 includes certain details of the Processing of End User Data as required by Article 28(3) GDPR. More specific details per Barco product are included in the product specific sections of Barco’s product privacy statement.

Subject matter and duration of the Processing of End User Data

The subject matter of the Processing of the End User Data is set out in Barco’s product privacy statement on www.barco.com and this DPA.

End User Data will be Processed for the duration of the provision of Connected Services for the benefit of the End User.

End User Data can be Processed outside the EEA by Barco Affiliates and/or Sub-Processors as indicated in Barco’s Product Privacy Statement.

The nature and purpose of the Processing of End User Data

Barco is managing the hosting environment on behalf of the Data Controller to enable the provision of the Connected Services

The types of End User Data to be Processed is set out in Barco’s product privacy statement

(https://www.barco.com/en/about-barco/legal/privacy-policy/product-privacy-statement)

The categories of Data Subjects to whom the End User Data relates

• End User’s employees (including End User’s agents, advisors, freelancers and consultants) and End User’s representatives (who are natural persons)
• Customers of the End User, its employees and representatives

• Customers of the End User’s customers, its employees and representatives
• Users of the Barco Product authorized by the End User to use the products

Annex II — Technical and organisational measures

1. The pseudonymisation and encryption of personal data; (art. 32, par. 1, lit. a, GDPR)

based on a risk assessment (and if required an additional DPIA) Barco will ensure a level of security appropriate to the risk, including inter alia as appropriate:

1. Pseudonymization
2. Encryption, conform Cryptographic Controls policy

2. Ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (art. 32, par. 1, lit. b, GDPR)

1. Barco is verified under ISO/IEC 27001:2013 covering the business processes, infrastructure and tools related to software development, sales, deployment, and support of our ClickShare wireless collaboration product line in our Kortrijk, Noida and Taipei locations. https://www.barco.com/en/about-barco/legal/certificates
2. Security and privacy by design

3. Compliance with the security policies in place at Barco, covering

   1. Information Security Top Policy
   2. Code of Digital Conduct
   3. Acceptable Use
   4. Logical Access Control
   5. Third Party Security
   6. Backup and Recovery
   7. Password
   8. Info Sec Incident Management
   9. Anti Malware
   10. Network Protection
   11. Cryptographic Controls
   12. IT Operations
   13. Cloud Security
   14. Secure SDLC
   15. Disposal and Destruction
   16. Physical Environmental Security
   17. Secure Remote Support Policy

3. The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; (art. 32, par. 1, lit. c, GDPR)

Compliance with the security policies in place at Barco, covering

1. Backup and Recovery
2. IT Operations

4. Process for regular testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the data processing (art. 32, par. 1, lit. d, GDPR)

1. Product Security Incident Response teams (psirt): https://www.barco.com/psirt
2. Barco Security Organization operates in three lines of defense, covering operations, governance and internal audit.
3. Regular evaluations by independent third parties (e.g. penetration testing, audit, …)
4. Integration of automated security scanning tools during the development process (Secure SDLC) and operations

Annex III — EC Standard Contractual Clauses

For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection.

The entity identified as the “Data Controller” in the DPA (the “data exporter”) and the entity identified as the “Data Processor” in the DPA (the “data importer”).

HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data

For the purposes of the Clauses:

(a) 'personal data', 'special categories of data', 'process/processing', 'controller', 'processor', 'data subject' and 'supervisory authority' shall have the same meaning as in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data ;

(b) 'the data exporter' means the controller who transfers the personal data;

(c) 'the data importer' means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country's system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC;

(d) 'the subprocessor' means any processor engaged by the data importer or by any other subprocessor of the data importer who agrees to receive from the data importer or from any other subprocessor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract;

(e) 'the applicable data protection law' means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the data exporter is established;

(f) 'technical and organisational security measures' means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.

The details of the transfer and in particular the special categories of personal data where applicable are specified in Annex I which forms an integral part of the Clauses.

1. The data subject can enforce against the data exporter this Clause, Clause 4(b) to (i), Clause 5(a) to (e), and (g) to (j), Clause 6(1) and (2), Clause 7, Clause 8(2), and Clauses 9 to 12 as third-party beneficiary.

2. The data subject can enforce against the data importer this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where the data exporter has factually disappeared or has ceased to exist in law unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law, as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity.

3. The data subject can enforce against the subprocessor this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.

4. The parties do not object to a data subject being represented by an association or other body if the data subject so expressly wishes and if permitted by national law.

The data exporter agrees and warrants:

(a) that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter is established) and does not violate the relevant provisions of that State;

(b) that it has instructed and throughout the duration of the personal data processing services will instruct the data importer to process the personal data transferred only on the data exporter's behalf and in accordance with the applicable data protection law and the Clauses;

(c) that the data importer will provide sufficient guarantees in respect of the technical and organisational security measures specified in Annex II to this contract;

(d) that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;

(e) that it will ensure compliance with the security measures;

(f) that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;

(g) to forward any notification received from the data importer or any subprocessor pursuant to Clause 5(b) and Clause 8(3) to the data protection supervisory authority if the data exporter decides to continue the transfer or to lift the suspension;

(h) to make available to the data subjects upon request a copy of the Clauses, with the exception of Annex II, and a summary description of the security measures, as well as a copy of any contract for subprocessing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information;

(i) that, in the event of subprocessing, the processing activity is carried out in accordance with Clause 11 by a subprocessor providing at least the same level of protection for the personal data and the rights of data subject as the data importer under the Clauses; and

(j) that it will ensure compliance with Clause 4(a) to (i).

The data importer agrees and warrants:

(a) to process the personal data only on behalf of the data exporter and in compliance with its instructions and the Clauses; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the data exporter of its inability to comply, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;

(b) that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the data exporter and its obligations under the contract and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by the Clauses, it will promptly notify the change to the data exporter as soon as it is aware, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;

(c) that it has implemented the technical and organisational security measures specified in Annex II before processing the personal data transferred;

(d) that it will promptly notify the data exporter about:

1. any legally binding request for disclosure of the personal data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation,
2. any accidental or unauthorised access, and
3. any request received directly from the data subjects without responding to that request, unless it has been otherwise authorised to do so;

(e) to deal promptly and properly with all inquiries from the data exporter relating to its processing of the personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred;

(f) at the request of the data exporter to submit its data processing facilities for audit of the processing activities covered by the Clauses which shall be carried out by the data exporter or an inspection body composed of independent members and in possession of the required professional qualifications bound by a duty of confidentiality, selected by the data exporter, where applicable, in agreement with the supervisory authority;

(g) to make available to the data subject upon request a copy of the Clauses, or any existing contract for subprocessing, unless the Clauses or contract contain commercial information, in which case it may remove such commercial information, with the exception of Annex II which shall be replaced by a summary description of the security measures in those cases where the data subject is unable to obtain a copy from the data exporter;

(h) that, in the event of subprocessing, it has previously informed the data exporter and obtained its prior written consent;

(i) that the processing services by the subprocessor will be carried out in accordance with Clause 11;

(j) to send promptly a copy of any subprocessor agreement it concludes under the Clauses to the data exporter.

1. The parties agree that any data subject, who has suffered damage as a result of any breach of the obligations referred to in Clause 3 or in Clause 11 by any party or subprocessor is entitled to receive compensation from the data exporter for the damage suffered.

2. If a data subject is not able to bring a claim for compensation in accordance with paragraph 1 against the data exporter, arising out of a breach by the data importer or his subprocessor of any of their obligations referred to in Clause 3 or in Clause 11, because the data exporter has factually disappeared or ceased to exist in law or has become insolvent, the data importer agrees that the data subject may issue a claim against the data importer as if it were the data exporter, unless any successor entity has assumed the entire legal obligations of the data exporter by contract of by operation of law, in which case the data subject can enforce its rights against such entity.

The data importer may not rely on a breach by a subprocessor of its obligations in order to avoid its own liabilities.

3. If a data subject is not able to bring a claim against the data exporter or the data importer referred to in paragraphs 1 and 2, arising out of a breach by the subprocessor of any of their obligations referred to in Clause 3 or in Clause 11 because both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, the subprocessor agrees that the data subject may issue a claim against the data subprocessor with regard to its own processing operations under the Clauses as if it were the data exporter or the data importer, unless any successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law, in which case the data subject can enforce its rights against such entity. The liability of the subprocessor shall be limited to its own processing operations under the Clauses.

1. The data importer agrees that if the data subject invokes against it third-party beneficiary rights and/or claims compensation for damages under the Clauses, the data importer will accept the decision of the data subject:

(a) to refer the dispute to mediation, by an independent person or, where applicable, by the supervisory authority;

(b) to refer the dispute to the courts in the Member State in which the data exporter is established.

2. The parties agree that the choice made by the data subject will not prejudice its substantive or procedural rights to seek remedies in accordance with other provisions of national or international law.

1. The data exporter agrees to deposit a copy of this contract with the supervisory authority if it so requests or if such deposit is required under the applicable data protection law.

2. The parties agree that the supervisory authority has the right to conduct an audit of the data importer, and of any subprocessor, which has the same scope and is subject to the same conditions as would apply to an audit of the data exporter under the applicable data protection law.

3. The data importer shall promptly inform the data exporter about the existence of legislation applicable to it or any subprocessor preventing the conduct of an audit of the data importer, or any subprocessor, pursuant to paragraph 2. In such a case the data exporter shall be entitled to take the measures foreseen in Clause 5 (b).

The Clauses shall be governed by the law of the Member State in which the data exporter is established, namely Belgium

The parties undertake not to vary or modify the Clauses. This does not preclude the parties from adding clauses on business related issues where required as long as they do not contradict the Clause.

1. The data importer shall not subcontract any of its processing operations performed on behalf of the data exporter under the Clauses without the prior written consent of the data exporter. Where the data importer subcontracts its obligations under the Clauses, with the consent of the data exporter, it shall do so only by way of a written agreement with the subprocessor which imposes the same obligations on the subprocessor as are imposed on the data importer under the Clauses. Where the subprocessor fails to fulfil its data protection obligations under such written agreement the data importer shall remain fully liable to the data exporter for the performance of the subprocessor's obligations under such agreement.

2. The prior written contract between the data importer and the subprocessor shall also provide for a third-party beneficiary clause as laid down in Clause 3 for cases where the data subject is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6 against the data exporter or the data importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.

3. The provisions relating to data protection aspects for subprocessing of the contract referred to in paragraph 1 shall be governed by the law of the Member State in which the data exporter is established

4. The data exporter shall keep a list of subprocessing agreements concluded under the Clauses and notified by the data importer pursuant to Clause 5 (j), which shall be updated at least once a year. The list shall be available to the data exporter's data protection supervisory authority.

1. The parties agree that on the termination of the provision of data processing services, the data importer and the subprocessor shall, at the choice of the data exporter, return all the personal data transferred and the copies thereof to the data exporter or shall destroy all the personal data and certify to the data exporter that it has done so, unless legislation imposed upon the data importer prevents it from returning or destroying all or part of the personal data transferred. In that case, the data importer warrants that it will guarantee the confidentiality of the personal data transferred and will not actively process the personal data transferred anymore.

2. The data importer and the subprocessor warrant that upon request of the data exporter and/or of the supervisory authority, it will submit its data processing facilities for an audit of the measures referred to in paragraph 1.

Data exporter

The data exporter is using Connected Services of data importer as specified in the Agreement

Data importer

The data importer is rendering the Connected Services as specified in the Agreement

Data subjects

The personal data transferred concern the following categories of data subjects.

• Data exporter’s employees (including data exporter’s agents, advisors, freelancers and consultants) and Data exporter’s representatives (who are natural persons)
• Customers of data exporter, its employees and representatives
• Customers of data exporter’s customers, its employees and representatives
• Users of the Barco product authorized by the data exporter to use the products

Categories of data

The personal data transferred are specified in Barco’s product privacy statement (https://www.barco.com/en/about-barco/legal/privacy-policy/product-privacy-statement)

Special categories of data (if appropriate)

Data importer may, subject to the restriction set out in the Agreement, submit special catergories of Personal Data to the Connected Services, the extent of which is determined and controlled by data exporter in its sole discretion.

Processing operations

The objective of Processing of Personal Data by data importer is the performance of the Connected Services pursuant to the Agreement.

Description of the technical and organisational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c) are described in Annex II Technical and organisational measures.

YOU HEREBY ACKNOWLEDGE TO HAVE READ, UNDERSTOOD AND ACCEPTED TO BE BOUND BY ALL THE TERMS AND CONDITIONS OF THIS LICENCE AGREEMENT AS INDICATED ABOVE

Barco ClickShare Product Specific Privacy policy

You are controller for personal data which are being processed via the Software. Therefore, you remain solely responsible for complying with all applicable data protection laws and for implementing and maintaining privacy protection and security measures (especially for components that you provide or control). Barco disclaims any liability in this regard. Barco created a specific privacy policy for the ClickShare software application for mobile devices, which describes the processing of personal data via this application (https://www.barco.com/en/about-barco/legal/privacy-policy/clickshare-app).

Via the Software, Barco may gather technical information about (i) the functioning and the functionality of the products which are connected through the Software, and/or (ii) as provided by you or generated by your use of the Software (“Functional Information”). Barco may make use of such Functional Information for purposes of analytics, for developing and improving products and services, offering products and services to your organization and/or allowing third parties to access such Functional Information; based on the legitimate interest of Barco of evaluating the market, assessing and improving its products and conducting research and development. All knowhow, inventions and works derived by Barco from the Functional Information will be exclusively owned by Barco.