1.  Introduction

This Terms and Conditions is created to outline the guidelines, rules, restrictions, limitations, obligations and responsibilities of VRM a.s. and any individual or entity that engage in a business which results in a sale or purchase of goods and/or services.

2. Definitions

Supplier: Refers to a company that provides goods or services under these T&C.

Customer: Refers to the individual or entity that purchases or receives goods and/or services from the Supplier.

Goods: Any product that the Supplier sells to the Customer.

Services: Any services that the Supplier provides to the Customer.

Confidential Data: Any information that is not publicly available and that a party designates as confidential or that a rational person would consider confidential.

Intellectual Property: Professional knowledge, experience, techniques, methodologies or other intellectual property owned and used by the Supplier.

Information Security: Protection of information and information systems against unauthorized access, use, disclosure, interference, modification or destruction.

Business Continuity: Continuation of key business operations without major disruption, despite the occurrence of unforeseeable events or circumstances.

3. Information Security

3.1. Both involved parties are obliged to comply with all relevant legal regulations and standards regarding information security and data protection.

3.2. The involved parties shall protect and secure all information, that is exchanged or created within the framework of the contract, against unauthorized access, misuse, destruction or loss.

3.3. The involved parties shall inform the other party of any security incident or data loss that could affect the performance of the contract, without undue delay after discovering such an event.

3.4. The involved parties shall perform regularly update and test their security measures in order to maintain their ability to protect the exchange and storage of information.

3.5. In the event of termination of contract, the involved parties shall properly delete or return all information of the other party, unless this is contrary to applicable legal regulations or other agreed conditions.

4. Business Continuity

4.1. The involved parties shall comply with their business continuity plans and shall prepare for possible emergency situations or exceptional circumstances that could affect their ability to fulfill their obligations under contract.

4.2. In such an circumstances, the involved parties shall communicate openly and effectively in order to minimize any disruption to business operations.

4.3. If possible, the involved parties shall provide alternative means of delivery of goods or services if the situation so requires.

4.4. The involved parties shall regularly review and update their business continuity plans in order to ensure their relevance and effectiveness.

5. Confidential Data and Intellectual Property Protection

5.1. All information that are marked as confidential or should be treated as confidential, including but not limited to know-how, trade secrets, business strategies, customer and supplier information and other commercially sensitive information, that is exchanged between the involved parties or arises in connection with the contract, are considered confidential.

5.2. The involved parties undertake that such confidential information will not be made available to third parties in any case and under any circumstances without the prior written consent of the other party, except when required by law.

5.3. The involved parties shall use the confidential information exclusively for the purposes of fulfilling their obligations under the contract and not to use it for any other purposes.

5.4. The involved parties shall return or destroy all confidential information in their possession as soon as possible after the termination of the contract, unless this is contrary to applicable laws or other agreed terms.

6. Privacy Policy

6.1. Each involved party is obliged to comply with all applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR).

6.2. The involved parties are obliged to protect and secure all personal data, that is exchanged or created within the framework of the business contract, against unauthorized access, misuse, destruction or loss.

6.3. If one party processes personal data on behalf of the other party, it shall do so in accordance with the other party’s prior written consent and shall take appropriate technical and organizational measures to protect that data.

6.4. The involved parties shall inform, without undue delay, the other party of any incident related to personal data that could affect the performance of the contract after discovering of such an event.

6.5.  In the event of termination of the contract, the involved parties shall properly delete or return all personal data of the other party, unless this is contrary to applicable legal regulations or other agreed conditions.