TERMS OF SERVICE
These Terms of Service (the “Agreement”) is a contract in electronic format between you as an end-user and mHelpDesk, Inc, a Delaware C-Corp, governing the use of mHelpDesk’s remote-accessible service based on our Service Management Software (the “Service”). By accessing and using our Service, you are agreeing that you will be bound by and comply with the terms and conditions of this Agreement. The terms “mHelpDesk”, “we”, “us” or “our” refers collectively to the licensor mHelpDesk, Inc and our website mHelpDesk.com (the “Site”). The term “you” or “your” refers to you as the user and licensee of our Service under this Agreement.
1. ACCEPTANCE OF TERMS.
mHelpDesk makes the Service available through our Site as provided in this Agreement. We provide our Service to you under and subject to the most recent version of this Agreement. We may update this Agreement at any time, without prior notice to you, by posting a new version at https://www.mHelpDesk.com/user-agreement. The latest Agreement will be posted on the Site for your review before using the Service. If you do not agree with all the terms and conditions of this Agreement, you must cease using the Service; your continued use of the Service will signify your acceptance of this Agreement.
2. DESCRIPTION OF SERVICE.
The Service is designed to provide you with the capability to manage your service business. The Service is based on our Service Management Software (the “Service Management Software”) that is hosted by us or on our behalf and accessible by you remotely through our Site.
Subject to the terms and conditions of this Agreement, mHelpDesk grants to you a limited, non-transferable, non-exclusive, non-sublicensable, revocable right and license to access and use our Service to support your business operations for the term of this Agreement unless sooner terminated; provided, however, that you may not use the Service in a resale capacity, or process third party data in a commercial service bureau environment, and mHelpDesk retains all right, title and interest in and to all Service Management Software applications and any materials supplied to you by us.
You shall not (i) license, sublicense, sell, resell, transfer, assign, distribute or otherwise commercially exploit or make available to any third party the Service in any way except as permitted under this Agreement in connection with developing your own service management programs; (ii) modify or make derivative works based upon the Service; (iii) create Internet “links” to the Service or “frame” or “mirror” any portion of the Service on any other server or wireless or Internet-based device; or (iv) reverse engineer or access the Service in order to (a) build a competitive product or service, (b) build a product or service using similar ideas, features, functions or graphics represented by or incorporated in the Service, or (e) copy any ideas, features, functions or graphics represented by or incorporated in the Service.
As part of the Service, mHelpDesk will provide and operate the servers, system software, and applications software, including our Service Management Software functionality available to you in connection with the Service as provided in this Agreement.
The Service will include remedial maintenance for the Service Management Software our Service is based upon, including all updates, bug fixes, and upgrades to the Service Management Software that are implemented by us during the term of the Agreement.
7. AVAILABILITY OF SERVICE.
Subject to the terms and conditions of this Agreement, mHelpDesk will use commercially reasonable efforts to provide the Service for twenty-four hours a day, seven (7) days a week through the term of this Agreement. You agree that from time to time the Service may be inaccessible or impossible to use for various reasons, including periodic maintenance procedures or upgrades, service malfunctions and causes beyond our control or that are not reasonably foreseeable by us, including the interruption or failure of telecommunications or digital transmission links, hostile network attacks or network congestion or other failures (collectively, “Downtime”). mHelpDesk will use commercially reasonable efforts to minimize any disruption, inaccessibility and/or inoperability of the Service in connection with Downtime, whether scheduled or not. mHelpDesk will not be responsible for any damages or costs incurred by you, including without limitation, lost profits, if any, that may arise in connection with Downtime.
8. YOUR REGISTRATION OBLIGATIONS.
You represent that you are of legal age to form a binding contract and are not a person barred from receiving services under the laws of the United States or any other applicable jurisdiction. You also agree to: (a) provide true, accurate, current, and complete information about yourself as prompted by the mHelpDesk Service’s registration form (the “Registration Data”) and (b) maintain and promptly update the Registration Data to keep it true, accurate, current, and complete. If you provide any information that is untrue, inaccurate, not current, or incomplete, or mHelpDesk has reasonable grounds to suspect that such information is untrue, inaccurate, not current, or incomplete, mHelpDesk has the right to suspend or terminate your account and refuse any and all current or future use of the Service (or any portion thereof). You have the responsibility to safeguard your own login credentials, and are responsible for all activity occurring under your account.
You agree to comply with our acceptable use policies in connection with your use of the Service. You understand that all information, data, text, software, graphics, or other materials (“User Content”), whether publicly posted or privately transmitted, are the sole responsibility of the person from whom such User Content originated. This means that you, and not mHelpDesk, are entirely responsible for all User Content that you upload, post, e-mail, transmit, or otherwise make available via the Service. mHelpDesk does not control the User Content posted via the Service and, as such, does not guarantee the accuracy, integrity, or quality of such User Content. MHelpdesk takes no responsibility for, and shall not in any circumstances be liable in any way for any User Content or harm or damages arising therefrom, including, but not limited to, any errors or omissions in any content, or any loss or damage of any kind incurred as a result of the use of any User Content posted, e-mailed, transmitted, or otherwise made available via the Service. You agree to not use the Service to:
(a) upload, post, e-mail, transmit, or otherwise make available any User Content that is unlawful, harmful, threatening, abusive, harassing, tortuous, defamatory, vulgar, obscene, libelous, invasive of another’s privacy, hateful, or racially, ethnically, or otherwise objectionable, or harm minors;
(b) impersonate any person or entity or falsely state or otherwise misrepresent your identity or affiliation with a person or entity;
(c) forge headers or otherwise manipulate identifiers in order to disguise the origin of any User Content transmitted through the Service;
(d) upload, post, e-mail, transmit, or otherwise make available any User Content that you do not have a right to make available under any law or under contractual or other relationships;
(e) upload, post, e-mail, transmit, or otherwise make available any User Content that infringes any patent, trademark, trade secret, copyright, or other property rights of any party;
(f) upload, post, e-mail, transmit, or otherwise make available any unsolicited or unauthorized advertising, promotional materials, “junk mail,” “spam,” or any other form of solicitation;
(g) upload, post, e-mail, transmit, or otherwise make available any material that contains software viruses or any other computer code, files, or programs designed to interrupt, destroy, or limit the functionality of any computer software or hardware or telecommunications equipment;
(h) disrupt the normal flow of dialogue, or otherwise act in a manner that negatively affects other users’ ability to engage in discussions or exchanges;
(i) interfere with or disrupt the Service or servers or networks connected to the Service, or disobey any requirements, procedures, policies, or regulations of networks connected to the Service;
(j) intentionally or unintentionally violate any applicable local, state, national, or international law;
(k) “stalk” or otherwise harass another; and/or
(l) collect or store personal data about other users in connection with the prohibited conduct and activities set forth in paragraphs above. You acknowledge that mHelpDesk has the right, but not the obligation, to pre-screen or monitor User Content, and that mHelpDesk and its designees may in their sole discretion, refuse, move, or take down, remove or discard any User Content that is available via the Service and which in mHelpDesk’s opinion violates the terms of this Agreement. You agree that you must evaluate, and bear all risks associated with, the use of any User Content, including any reliance on the accuracy, completeness, or usefulness of such User Content. You acknowledge, consent, and agree that mHelpDesk may access, preserve, and disclose your account information and User Content if required to do so by law or in a good faith belief that such access preservation or disclosure is reasonably necessary to:
(1) comply with legal process;
(2) enforce the terms of this Agreement;
(3) respond to claims that any User Content violates the rights of third parties;
(4) respond to your requests for subscriber service;
(5) protect the rights, property, interests, or personal safety of mHelpDesk, its users, and the public; and/or
(6) (f) prevent crime, or report a crime that has already been committed.
10. UNAUTHORIZED USE.
You will notify us immediately of any unauthorized use of any password or account or any other known or suspected breach of security.
11. USE OF YOUR INFORMATION.
Your information is used by mHelpDesk and its affiliates, including but not limited to HomeAdvisor, Inc., CraftJack, Inc., and IAC/InterActiveCorp (“Affiliates”), for the following purposes:
• To deliver functionality and improve the mHelpDesk site and/or the Service,
• To fulfill your requests for assistance with, or information about, the mHelpDesk site and/or the Service;
• To conduct research about your use of the mHelpDesk site and/or the Service and their functionality;
• To offer and/or integrate other services, products, features or functionality of mHelpDesk or its Affiliates that may be of interest to you; and
• To integrate services, products or features from mHelpDesk’s business partners and service providers that we believe will enhance your experience and the functionality and reach of our Service.
If we enter into any future arrangements with business partners or other service providers (other than Affiliates) that require access to your contact information, we will provide notice and an opportunity for you to opt out. In any event, we will require our business partners and service providers to maintain your information in confidence, and not to misuse it.
12. PROTECTION OF CHILDREN.
mHelpDesk is intended for a general audience, but is not directed to the use by children under the age of thirteen, who may not register without the verifiable consent of a parent or guardian. mHelpDesk does not knowingly solicit or maintain any personal information of children under 13 years of age, and we will take steps to terminate any unauthorized underage registration of which we become aware.
13. USER CONTENT.
As between mHelpDesk and you, you are deemed to possess all right, title and interest in and to any User Content you submit or make available for inclusion via the Service. To the extent that you have the legal right to do so, however, you agree that by making the User Content available for inclusion via the Service, you agree to allow mHelpDesk the right to use and display such User Content, in whole or in part, on the Service.
14. USAGE INFORMATION.
15. INTELLECTUAL PROPERTY OWNERSHIP.
The term “Intellectual Property Rights” means any and all now known or hereafter known tangible and intangible (i) rights associated with works of authorship throughout the universe, including, but not limited to, copyrights and moral rights, (ii) trademark and trade name rights and similar rights, (iii) trade secret rights, (iv) patents, designs, algorithms and other industrial property rights, (v) all other intellectual property and industrial property rights of every kind and nature throughout the universe and however designated, whether arising by operation of law, contract or license, and (vi) all registrations, initial applications, renewals, extensions, continuations, divisions or reissues hereof now or hereafter in force (including any rights in any of the foregoing). You agree that mHelpDesk shall retain all right, title and ownership in and to the Service, the Site, Service Management Software, and all Content we provide you in connection with the Service, including, without limitation, all related Intellectual Property Rights represented by or embodied in our Service, Site, Service Management Software or Content. The term “Content” shall refer to all information, data, text, graphics or other materials we make available to you in connection with the Service. You shall have no rights in such Service, Site, Service Management Software or Content other than the limited right to use such Service, Site, Service Management Software or Content as provided herein. We will also own all right, title and interest in any suggestions, ideas, enhancements, requests, feedback, recommendations and other information you provide us relating to the Service.
16. SCRAPERS, BOTS, CRAWLERS AND SPIDERS.
You agree that you will not use any robot, spider, site search, retrieval application or other manual or automatic device to retrieve, index, scrape, data mine or in any way gather or extract content on or available through the Site or our Service or reproduce or circumvent the navigational structure or presentation of the Site, or our Service.
You agree to indemnify and hold mHelpDesk and its subsidiaries, affiliates, officers, agents, employees, partners, and licensors harmless from any claim or demand, including but not limited to reasonable attorneys’ fees, made by any third party due to or arising out of User Content you submit, post, transmit, or otherwise make available through the Service, your use of the Service, your connection to the Service, any content you create, manage or control in connection with the Service, your violation of the terms of this Agreement, or your use of the Service in violation of any third party rights.
18. MODIFICATIONS TO SERVICE.
You acknowledge that mHelpDesk may establish general practices and limits concerning use of the Service. You further acknowledge that mHelpDesk reserves the right to modify these general practices and limits from time to time. mHelpDesk reserves the right at any time and from time to time to modify or discontinue, temporarily or permanently, the Service (or any part thereof) with or without notice. You agree that mHelpDesk shall not be liable to you or to any third party for any modification, suspension, or discontinuance of the Service, in whole or in part.
19. BILLING AND TERMINATION.
This Agreement shall commence upon acceptance of your Registration Data and initial payment and shall continue thereafter until terminated.
- Billing Cycle. The membership fee for the mHelpDesk service and any other charges you may incur in connection with your use of the service, such as taxes and possible transaction fees, will be charged on a monthly or annual basis to your Payment Method on the calendar day corresponding to the commencement of the paid portion of your membership until your membership is cancelled. Membership fees are fully earned upon payment. In some cases your payment date may change, for example if your Payment Method has not successfully settled or if your paid membership began on a day not contained in a given month.
- Payment Methods. To use the mHelpDesk service you must provide one Payment Method. You can update your Payment Methods by going to the “My Account” page. We may also update your Payment Methods using information provided by our payment service providers. Following any update, you authorize us to continue to charge the applicable Payment Method(s). You authorize us to charge any Payment Method associated to your account in case your primary Payment Method is declined or no longer available to us for payment of your subscription fee. You remain responsible for any uncollected amounts. If a payment is not successfully settled, due to expiration, insufficient funds, or otherwise, and you do not cancel your account, we may suspend your access to the service until we have successfully charged a valid Payment Method for all current and back charges. For some Payment Methods, the issuer may charge you certain fees, such as foreign transaction fees or other fees relating to the processing of your Payment Method. Check with your Payment Method service provider for details.
- Cancellation. You can cancel your mHelpDesk membership at any time, and you will continue to have access to the mHelpDesk service through the end of your monthly or annual billing period. However, we do not provide refunds or credits, including prorated refunds, for any partial-month or partial-year membership periods or unused mHelpDesk content. To cancel, contact our Customer Success team by calling us toll free at 1-888-558-6275 ext 2. In order to cancel the account, we must be able to verify that you are the account owner via the billing information provided at purchase or most recent billing update. If you cancel your membership, your account will automatically close at the end of your current billing period. If you signed up for mHelpDesk using your account with a third party as a Payment Method and wish to cancel your mHelpDesk membership, you need to do so through that third party, for example by visiting your account with the applicable third party and unsubscribing from the mHelpDesk service through that third party. You may also find billing information about your mHelpDesk membership by visiting your account with the applicable third party.
- Changes to the Price and Subscription Plans. We reserve the right to modify, suspend, or discontinue the Service at any time for any reason with or without notice. We reserve the right to change our fees upon 30 days notice. Fee changes will be notified via email to all our subscribers and will be reflected in your account (under “My Account” in mHelpDesk). Your continued use of the Service constitutes your assent to the changed fees.
- No Refunds. Subscription payments are nonrefundable and you are not entitled to any refunds or credits, including prorated refunds, for partially used periods. Following any cancellation, however, you will continue to have access to the service through the end of your current billing period. mHelpDesk may choose to issue a credit or a refund in its sole and absolute discretion. The provision of credits or a refund in one instance does not entitle you to credits or refunds in the future for similar instances, nor does it obligate us to provide credits or refunds in the future, under any circumstance. Regarding additional mHelpDesk services, such as Premium Setup, a refund may be awarded, in mHelpDesk’s sole discretion, if mHelpDesk has not provided any material work with respect to the services. However, upon the completion (or substantial completion) of any deliverables or account modifications, no refunds will be awarded for services.
The Service may provide, or third parties may provide, links to other World Wide Web sites or resources. Because mHelpDesk has no control over such sites and resources, you acknowledge and agree that mHelpDesk is not responsible for the availability of such external sites or resources, and does not endorse and is not responsible or liable for any third party Content, advertising, products, or other materials on or available from such sites or resources. You further acknowledge and agree that mHelpDesk shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any third party Content, goods, or services available on or through any such site or resource.
21. DISCLAIMER OF WARRANTIES.
You expressly understand and agree that your use of the Service is at your sole risk. The mHelpDesk service is provided on an “as is” and “as available” basis. In the event of system or component failure, it is possible that for a certain period of time, you may not be able to enter new transactions, execute existing transactions, or modify or cancel transactions that were previously entered. System or component failure may also result in loss of orders or priority. mHelpDesk and its affiliates, officers, employees, and licensors expressly disclaim all warranties of any kind, whether express, statutory, or implied, including, but not limited to the implied warranties of merchantability, fitness for a particular purpose or use, availability, non-interference with your enjoyment of the site or Service and non-infringement. mHelpDesk and its affiliates, officers, employees, and licensors make no warranty that: (a) the Service will meet your requirements; (b) the Service will be uninterrupted, timely, completely secure, without delay, free from service degradation or error-free; and/or (c) the results that may be obtained from the use of the Service will be accurate or reliable. No advice or information, whether oral or written, obtained by you from mHelpDesk or through or from the Service shall create any warranty not expressly stated in this Agreement.
22. LIMITATION OF LIABILITY.
You expressly understand and agree that mHelpDesk and its affiliates, officers, employees, agents, partners, and licensors shall not be liable to you (whether in contract or based on warranty, negligence, tort, strict liability or otherwise) for any indirect, incidental, special, consequential, punitive or exemplary damages, including, but not limited to, damages for loss of profits, goodwill, use, data, or other intangible losses (even if mHelpDesk has been advised of the possibility of such damages), resulting from the use of, or the inability to use, our site or Service. In any event, our total aggregate liability arising from or related to this Agreement or the Service shall be limited to your direct damages, not to exceed the fees actually paid to us during the most recent six month period immediately preceding the earliest event giving rise to our liability under this Agreement.
Except for the right of a party to apply to a court for a temporary restraining order, preliminary injunction or other equitable relief, any controversy or claim arising out of or relating to this Agreement that cannot be resolved through negotiation will be resolved by binding arbitration in accordance with the Commercial Arbitration Rules of the American Arbitration Association. If the parties cannot agree on a single arbitrator, the arbitrator will be selected by the American Arbitration Association. All arbitration proceedings will occur in English and will be held in Reston, Virginia, USA. The parties agree that any dispute resolution proceeding will be conducted on an individual basis and not as a class or representation action. Neither you nor mHelpDesk shall be a member of a class, consolidated or representative action or proceeding. The award of the arbitrator shall be binding and may be entered as a judgment in any court of competent jurisdiction. The cost of the arbitration shall be borne equally by the parties. Neither party nor the arbitrator may disclose the existence or results of any arbitration hereunder. The authority of the arbitrator to award damages in any event is and shall be limited by this Agreement.
(m) Entire Agreement. This Agreement and any applicable Registration Form and Exhibit A constitutes the entire agreement between you and mHelpDesk and governs your use of the Service, superseding any prior or contemporaneous agreements between you and mHelpDesk with respect to the Service, whether written or oral.
(n) Choice of Law and Forum. This Agreement and the relationship between you and mHelpDesk shall be governed by the laws of the Commonwealth of Virginia without regard to its conflict of law provisions. You agree to submit to the personal and exclusive jurisdiction of the courts located within the county of Fairfax, Virginia.
(o) Waiver and Severability of Terms. The failure of mHelpDesk to exercise or enforce any right or provision of this Agreement shall not constitute a waiver of such right or provision. If any provision of this Agreement is found by a court of competent jurisdiction to be invalid, the parties nevertheless agree that the court should endeavor to give effect to the parties’ intentions as reflected in the provision, and the other provisions of this Agreement will remain in full force and effect.
(p) Force Majeure. No party shall be liable to any other party for any failure or delay caused by force majeure and similar events beyond any party’s reasonable control, including, without limitation, acts of nature, terrorist acts, sabotage, or accidents. This force majeure provision shall not be applicable to your payment obligation under this Agreement.
(q) Independent Contractors. mHelpDesk and you are independent contractors. None of the provisions of this Agreement or the provision of the Service hereunder shall be deemed to constitute a partnership, joint venture, franchisor-franchisee, employer-employee, or any other such relationship between the parties hereto, and neither party shall have any authority to bind the other in any manner except as expressly provided in this Agreement. Neither party shall have or hold itself out as having any right, authority or agency to act on behalf of the other party in any capacity or in any manner, except as may be specifically authorized in this Agreement. You assume full responsibility for the acts of your personnel and shall be solely responsible for their supervision, direction and control, compensation, benefits and taxes.
(r) Assignment. You may not assign this Agreement without our prior written approval. Any purported assignment in violation of this section shall be void. Any permitted assignment shall inure to the benefit of and be binding on the assigning party’s successor and assigns.
(s) No Third Party Beneficiaries. The Agreement does not create any unintended third party beneficiary rights.
(t) Electronic Notices. YOU AGREE TO THIS LICENSE ELECTRONICALLY. YOU AUTHORIZE US TO PROVIDE YOU ANY INFORMATION AND NOTICES REGARDING THE SERVICE (“NOTICES”) IN ELECTRONIC FORM. WE MAY PROVIDE NOTICES TO YOU (1) VIA E-MAIL IF YOU HAVE PROVIDED US WITH A VALID EMAIL ADDRESS OR (2) BY POSTING THE NOTICE ON A WEBSITE DESIGNATED BY US FOR THIS PURPOSE. The delivery of any Notice is effective when sent or posted by mHelpDesk regardless of whether you read the Notice or actually receive the delivery. You can withdraw your consent to receive Notices electronically by discontinuing your use of the Service.
25. DELETION OF YOUR INFORMATION.
Your personal information, as well as any User Content you make available for inclusion via the Service, belongs to you. If you want to delete your information from our system, you can do so at any time by contacting us. We will confirm your request (to verify that it’s really you) and we will delete your information as promptly as reasonably possible, but in any event within 15 business days from the date your request is confirmed. Once the deletion of your information has been completed, we will notify you.
26. DATA MIGRATION.
You may choose to request that mHelpDesk assist you with certain data management tasks, for example importing your business data, exporting your data from mHelpDesk to other systems, or bulk-deleting your data (“Migration Services”). In so requesting, you are representing that you have all rights to your data, and that you authorize mHelpDesk to access your data to perform the Migration Services. You agree that mHelpDesk may charge you additional fees for the Migration Services, including, where necessary and possible, to restore deleted or damaged data. mHelpDesk will use reasonable care in performing the Migration Services, but will be responsible only to the extent of correcting any errors due to gross negligence or willful misconduct. You acknowledge that mHelpDesk is not responsible for encryption of your data. mHelpDesk is not liable for any damage, corruption, loss, misuse, or dissemination of your data. mHelpDesk PROVIDES THE MIGRATION SERVICES ON “AS IS” TERMS AND, EXCEPT AS PROVIDED ABOVE, MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO THE MIGRATION SERVICES, INCLUDING WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. mHelpDesk ASSUMES NO RESPONSIBILITY WITH RESPECT TO USE OF THE MIGRATION SERVICES. YOU, ON BEHALF OF YOURSELF AND YOUR END USERS, AGREES THAT mHelpDesk WILL NOT BE LIABLE FOR ANY SPECIAL, INCIDENTAL, INDIRECT, PUNITIVE, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE MIGRATION SERVICES. YOU AGREE TO INDEMNIFY AND HOLD HARMLESS mHelpDesk AND ITS AFFILIATES, AGENTS, AND EMPLOYEES AGAINST ALL CLAIMS, DEMANDS, LOSSES, DAMAGES, PENALTIES, AND FINES (INCLUDING REASONABLE ATTORNEYS’ FEES AND COURT COSTS) ARISING OUT OF OR RELATED TO THE MIGRATION SERVICESS, INCLUDING ANY CLAIMS MADE BY YOUR END USERS, AND ANY THIRD PARTIES.
27. CONTACTING US.
If you have any questions or comments, or think we’ve overlooked something important to you, please feel free to email us at info@mHelpDesk.com
SMS Terms of Service:
This Terms of Service is a contract in electronic format between you, as an end-user, and mHelpDesk, Inc., a Delaware C-Corp, governing the use of mHelpDesk’s Text (SMS) Message Add-On feature (SMS Add-On). By accessing and using our SMS Add-On feature, you are agreeing that you will be bound by and comply with the terms and conditions of this Agreement. The terms “mHelpDesk”, “we”, “us” or “our” refers collectively to the licensor mHelpDesk, Inc. and our website mHelpDesk.com (the “Site”). The term “you” or “your” refers to you as the user and licensee of our Service under this Agreement.
By enabling mHelpDesk’s SMS Add-On feature you agree that mHelpDesk may send your customers and your mHelpDesk system users (employees/staff setup with mHelpDesk user accounts) informational text (SMS) messages as part of normal business operation. You further agree to inform your customers that you send appointment reminder text notifications as a part of your normal business operations (and that carrier fees may apply to the customer), which the customer may opt-out of at any time using the capabilities described in section “Opting Out from text Messages”.
Cost, Billing, and Payment:
You agree that SMS message overage fees will be billed to your mHelpDesk account for cases where you have exceeded the text message limit for your SMS feature plan.
Carrier Text Message Rates:
You additionally understand and agree that standard phone carrier text messaging rates may apply to recipients of the mHelpDesk text messages. These phone carrier costs are your responsibility, the responsibility of your mHelpDesk system users, and your customers and is not the responsibility of mHelpDesk, Inc.
Managing Text Message Settings:
Once you have enabled the SMS Add-On feature, you may enable, disable, and manage your SMS notification settings by accessing the Text Message Notifications Settings from within mHelpDesk.
Opting Out from text Messages:
All recipients of the text messages sent using the SMS Add-On feature may opt-out of receiving future text messages from the SMS Add-On feature by texting the word STOP in response to any previously received text message from the mHelpDesk SMS Add-On feature.”
28. PAYMENT PROCESSING.
mHelpDesk partners with WePay, A JP Morgan Chase company, to power the mHelpDesk Payments solution for home service professionals. mHelpDesk Payments is fully PCI compliant through WePay, a PCI-DSS Level 1 compliant platform, in order to ensure the highest level of security and compliance. WePay is a leader in fraud detection and security practice and one of the primary reasons mHelpDesk chose WePay to power mHelpDesk Payments.
For users in the U.S.:
mHelpDesk Payments U.S. Fee Schedule:
For users in Canada:
mHelpDesk Payments Canada Fee Schedule:
For users in the EU or UK:
Data Processing Agreement
If you are based in the EU or the UK, this Data Processing Agreement (“DPA”) between mHelpDesk and you (“Company”) forms a part of, and is incorporated into, the Agreement. mHelpDesk and you agree as follows:
- The subject matter, duration, nature and purpose of the processing is set forth in the Agreement. The type of personal data and categories of data subjects are set forth in the Standard Contractual Clauses attached hereto as Annex A, which the parties shall execute to enable the transfer of Company personal data from the EU and/or UK;
- We will only process Company personal data to the extent necessary to provide you with our services and always in accordance with your written instructions set forth in the Agreement. If we believe your instructions are not in accordance with applicable data protection law, we will notify you;
- If any of our staff or contractors are authorized to process Company personal data, we will only allow them to do so where they are bound by a contractual or statutory obligation of confidentiality;
- We will ensure that there are appropriate technical and organizational measures required by Article 32 of the GDPR to protect Company personal data against personal data breaches;
- We will inform you without undue delay if we detect that a personal data breach has occurred and where requested we will assist you in communicating with the appropriate parties regarding the personal data breach;
- You grant us a general authorization to appoint sub-processors to process your personal data. We currently use the following sub-processors to process Company personal data: Google (application analytics, developer tools), Pendo (application analytics), Intercom (chat support), Authorize.Net (payment processing), Square (payment processing), Stripe (payment processing), WePay (payment processing), PayPal (payment processing), Fusebill (subscription management), Salesforce (customer relationship management), SendGrid (email delivery), Twilio (SMS delivery), Datadog (logging), and Snowflake (data warehouse). If we make any changes to our current sub-processors we will notify you in writing thirty days prior to doing so and you have the right to object provided that use of such proposed sub-processor would infringe applicable data protection law;
- We will ensure that our sub-processors agree to adhere to terms that are at least as protective as this DPA and we will be responsible for all acts and omissions of such third party who is processing Company personal data;
- Taking into account the nature of the processing, we will assist you by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of your obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III of the GDPR;
- We will assist you in ensuring compliance with the obligations pursuant to Articles 32 to 36 of the GDPR taking into account the nature of processing and the information available to us;
- We will, at your choice, delete or return all the Company personal data to you after the end of the provision of services relating to processing, and delete existing copies unless applicable law requires storage of the personal data;
- We will make available to you all information necessary to demonstrate compliance with the obligations laid down in Article 28 of the GDPR and allow for and contribute to audits, including inspections, conducted by you or another auditor mandated by the controller.
- We represent that we have not been, and reasonably believe that we are not likely to be, subject to a Disclosure Request that is unlimited, bulk, disproportionate, or indiscriminate. If, in the future, we have or obtain knowledge of any information that may prevent us from making the foregoing representation, we shall immediately notify you. We shall not respond to Disclosure Requests related to your personal data without notifying you and receiving written authorization from you to respond to the request, unless such response is required to prevent serious imminent harm, in which case you shall be notified of the Disclosure Request and our response promptly. We shall not respond to Disclosure Requests for your personal data that lack appropriate statutory authority under laws applicable to you.
SCHEDULE 2: STANDARD CONTRACTUAL CLAUSES
Standard Contractual Clauses (processors)
For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection
Name of the data exporting organisation: the data exporter identified as “Company” in the DPA
(the data exporter)
Name of the data importing organisation: mHelpDesk, Inc
Address: 3040 Williams Dr, Suite 550, Fairfax, VA 22031
(the data importer)
Each a “party”; together “the parties”,
HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1.
For the purposes of the Clauses:
(a) ‘personal data’, ‘special categories of data’, ‘process/processing’, ‘controller’, ‘processor’, ‘data subject’ and ‘supervisory authority’ shall have the same meaning as in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data;
(b) ‘the data exporter’ means the controller who transfers the personal data;
(c) ‘the data importer’ means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country’s system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC;
(d) ‘the sub-processor’ means any processor engaged by the data importer or by any other sub-processor of the data importer who agrees to receive from the data importer or from any other sub-processor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract;
(e) ‘the applicable data protection law’ means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the data exporter is established;
(f) ‘technical and organisational security measures’ means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.
Details of the transfer
The details of the transfer and in particular the special categories of personal data where applicable are specified in Appendix 1 which forms an integral part of the Clauses.
Third-party beneficiary clause
- The data subject can enforce against the data exporter this Clause, Clause 4(b) to (i), Clause 5(a) to (e), and (g) to (j), Clause 6(1) and (2), Clause 7, Clause 8(2), and Clauses 9 to 12 as third-party beneficiary.
- The data subject can enforce against the data importer this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where the data exporter has factually disappeared or has ceased to exist in law unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law, as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity.
- The data subject can enforce against the sub-processor this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.
- The parties do not object to a data subject being represented by an association or other body if the data subject so expressly wishes and if permitted by national law.
Obligations of the data exporter
The data exporter agrees and warrants:
(a) that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter is established) and does not violate the relevant provisions of that State;
(b) that it has instructed and throughout the duration of the personal data-processing services will instruct the data importer to process the personal data transferred only on the data exporter’s behalf and in accordance with the applicable data protection law and the Clauses;
(c) that the data importer will provide sufficient guarantees in respect of the technical and organisational security measures specified in Appendix 2 to this contract;
(d) that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;
(e) that it will ensure compliance with the security measures;
(f) that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;
(g) to forward any notification received from the data importer or any sub-processor pursuant to Clause 5(b) and Clause 8(3) to the data protection supervisory authority if the data exporter decides to continue the transfer or to lift the suspension;
(h) to make available to the data subjects upon request a copy of the Clauses, with the exception of Appendix 2, and a summary description of the security measures, as well as a copy of any contract for sub-processing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information;
(i) that, in the event of sub-processing, the processing activity is carried out in accordance with Clause 11 by a subprocessor providing at least the same level of protection for the personal data and the rights of data subject as the data importer under the Clauses; and
(j) that it will ensure compliance with Clause 4(a) to (i).
Obligations of the data importer
The data importer agrees and warrants:
(a) to process the personal data only on behalf of the data exporter and in compliance with its instructions and the Clauses; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the data exporter of its inability to comply, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;
(b) that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the data exporter and its obligations under the contract and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by the Clauses, it will promptly notify the change to the data exporter as soon as it is aware, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;
(c) that it has implemented the technical and organisational security measures specified in Appendix 2 before processing the personal data transferred;
(d) that it will promptly notify the data exporter about:
(i) any legally binding request for disclosure of the personal data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation;
(ii) any accidental or unauthorised access; and
(iii) any request received directly from the data subjects without responding to that request, unless it has been otherwise authorised to do so;
(e) to deal promptly and properly with all inquiries from the data exporter relating to its processing of the personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred;
(f) at the request of the data exporter to submit its data-processing facilities for audit of the processing activities covered by the Clauses which shall be carried out by the data exporter or an inspection body composed of independent members and in possession of the required professional qualifications bound by a duty of confidentiality, selected by the data exporter, where applicable, in agreement with the supervisory authority;
(g) to make available to the data subject upon request a copy of the Clauses, or any existing contract for sub-processing, unless the Clauses or contract contain commercial information, in which case it may remove such commercial information, with the exception of Appendix 2 which shall be replaced by a summary description of the security measures in those cases where the data subject is unable to obtain a copy from the data exporter;
(h) that, in the event of sub-processing, it has previously informed the data exporter and obtained its prior written consent;
(i) that the processing services by the sub-processor will be carried out in accordance with Clause 11;
(j) to send promptly a copy of any sub-processor agreement it concludes under the Clauses to the data exporter.
- The parties agree that any data subject, who has suffered damage as a result of any breach of the obligations referred to in Clause 3 or in Clause 11 by any party or sub-processor is entitled to receive compensation from the data exporter for the damage suffered.
- If a data subject is not able to bring a claim for compensation in accordance with paragraph 1 against the data exporter, arising out of a breach by the data importer or his sub-processor of any of their obligations referred to in Clause 3 or in Clause 11, because the data exporter has factually disappeared or ceased to exist in law or has become insolvent, the data importer agrees that the data subject may issue a claim against the data importer as if it were the data exporter, unless any successor entity has assumed the entire legal obligations of the data exporter by contract of by operation of law, in which case the data subject can enforce its rights against such entity.
The data importer may not rely on a breach by a sub-processor of its obligations in order to avoid its own liabilities.
- If a data subject is not able to bring a claim against the data exporter or the data importer referred to in paragraphs 1 and 2, arising out of a breach by the sub-processor of any of their obligations referred to in Clause 3 or in Clause 11 because both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, the sub-processor agrees that the data subject may issue a claim against the data sub-processor with regard to its own processing operations under the Clauses as if it were the data exporter or the data importer, unless any successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law, in which case the data subject can enforce its rights against such entity. The liability of the sub-processor shall be limited to its own processing operations under the Clauses.
Mediation and jurisdiction
1. The data importer agrees that if the data subject invokes against it third-party beneficiary rights and/or claims compensation for damages under the Clauses, the data importer will accept the decision of the data subject:
(a) to refer the dispute to mediation, by an independent person or, where applicable, by the supervisory authority;
(b) to refer the dispute to the courts in the Member State in which the data exporter is established.
2. The parties agree that the choice made by the data subject will not prejudice its substantive or procedural rights to seek remedies in accordance with other provisions of national or international law.
Cooperation with supervisory authorities
- The data exporter agrees to deposit a copy of this contract with the supervisory authority if it so requests or if such deposit is required under the applicable data protection law.
- The parties agree that the supervisory authority has the right to conduct an audit of the data importer, and of any sub-processor, which has the same scope and is subject to the same conditions as would apply to an audit of the data exporter under the applicable data protection law.
- The data importer shall promptly inform the data exporter about the existence of legislation applicable to it or any sub-processor preventing the conduct of an audit of the data importer, or any sub-processor, pursuant to paragraph 2. In such a case the data exporter shall be entitled to take the measures foreseen in Clause 5(b).
The Clauses shall be governed by the law of the Member State in which the data exporter is established.
Variation of the contract
The parties undertake not to vary or modify the Clauses. This does not preclude the parties from adding clauses on business related issues where required as long as they do not contradict the Clause.
- The data importer shall not subcontract any of its processing operations performed on behalf of the data exporter under the Clauses without the prior written consent of the data exporter. Where the data importer subcontracts its obligations under the Clauses, with the consent of the data exporter, it shall do so only by way of a written agreement with the sub-processor which imposes the same obligations on the sub-processor as are imposed on the data importer under the Clauses. Where the sub-processor fails to fulfil its data protection obligations under such written agreement the data importer shall remain fully liable to the data exporter for the performance of the sub-processor’s obligations under such agreement.
- The prior written contract between the data importer and the sub-processor shall also provide for a third-party beneficiary clause as laid down in Clause 3 for cases where the data subject is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6 against the data exporter or the data importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law. Such third-party liability of the sub-processor shall be limited to its own processing operations under the Clauses.
- The provisions relating to data protection aspects for sub-processing of the contract referred to in paragraph 1 shall be governed by the law of the Member State in which the data exporter is established and headquartered.
- The data exporter shall keep a list of sub-processing agreements concluded under the Clauses and notified by the data importer pursuant to Clause 5(j), which shall be updated at least once a year. The list shall be available to the data exporter’s data protection supervisory authority.
Obligation after the termination of personal data-processing services
- The parties agree that on the termination of the provision of data-processing services, the data importer and the sub-processor shall, at the choice of the data exporter, return all the personal data transferred and the copies thereof to the data exporter or shall destroy all the personal data and certify to the data exporter that it has done so, unless legislation imposed upon the data importer prevents it from returning or destroying all or part of the personal data transferred. In that case, the data importer warrants that it will guarantee the confidentiality of the personal data transferred and will not actively process the personal data transferred anymore.
- The data importer and the sub-processor warrant that upon request of the data exporter and/or of the supervisory authority, it will submit its data-processing facilities for an audit of the measures referred to in paragraph 1.
This Appendix forms part of the Clauses.
Data exporter is the Company identified in the DPA.
Data importer is mHelpDesk, Inc, which processes personal data upon the instructions of the data exporter in accordance with the terms of the Agreement.
The personal data transferred concern the following categories of data subjects:
Customers of the data exporter
Employees of the data exporter
Categories of data
The personal data transferred concern the following categories of data (please specify):
Employee information (name, email, phone/mobile number, geolocation)
Customer information (name, address, email, phone/mobile number, geolocation)
Special categories of data (if appropriate)
The personal data is processed by data importer for the purpose of providing the Service pursuant to the Agreement.
Technical and Organisational Security Measures
Description of the technical and organisational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c) (or document/legislation attached):
mHelpDesk has developed policies, procedures, training, and tools to protect personal data, including:
- Formal data protection policies are maintained & communicated to all relevant parties. Policies & processes are enforced that govern the collection of new consumer data types, implementation of new consumer services, and use of new service providers.
- An inventory of key consumer personal data elements is maintained.
- Key consumer data is protected with access controls & encryption (in transit and at rest).
- Consumer data is monitored for potential compromise (darkweb monitoring), and a process has been established to notify consumers of incidents and protect accounts as appropriate.
- Key infrastructure changes follow a defined change management process which ensures that changes to infrastructure passes through security gates.
- Processes exist to control users’ ability to create, modify, and remove assets. Permissions are managed according to the principle of least privilege and are reviewed periodically. Alerts & notifications are generated when privileges are used in a way that may indicate malicious activity.
- Multiple security controls are in place to detect data breaches in the rare event that they occur.
- Personnel are trained in incident response procedures.
Last updated: May 10, 2021 © 2021 mHelpDesk