Terms and Conditions

Introduction

The present General Conditions of Sale and Use (the "Conditions") are concluded between: The company WeTransact, a simplified joint stock company with a capital of 1500 euros whose registered office is located at 32 rue du plat, 69002, France hereinafter referred to as "WeTransact",

and

"You" which refers to the Publisher (a legal entity referred to as the "Publisher") or the user (a natural person acting on their own behalf.

for professional purposes, referred to as the "User"). Both the Publisher and the User can access the Solution (provided by WeTransact) by subscribing to it online in the form of licenses.

It is important to read and understand the Terms and Conditions provided by WeTransact before accepting them or accessing the Solution.

If you sign up for a free trial or "POC" (proof of concept) of the Solution, these Terms and Conditions also apply to that trial period.

High-Level Summary

WeTransact follows GDPR guidelines and has a Data Processing Agreement in place to protect personal data. WeTransact owns all intellectual property rights for their product and customers are only allowed to use it.
WeTransact has implemented security measures to prevent data breaches. By design, data will be stored in Europe (Ireland) unless a customer request hosting in a specific country/region.

Article 1. Definitions

Anomaly: means any malfunction, including purely technical malfunction, of the Solution, regardless of the cause, in relation to the Solution specifications and the Documentation.

Publisher: means the legal entity contracting with WeTransact.

Publisher Account : means an account created by WeTransact from the information provided by the Publisher, in order to allow the Publisher to access the Solution.

User Account: means an account created by a User authorized by the Publisher and WeTransact for the purpose of using the Solution.

General Terms and Conditions of Sale and Use: means the present general terms and conditions of sale and use and their appendices as well as the Plan and any other document which may have been brought to the attention of the Publisher at the time of the conclusion or execution of the Terms.

Date of Availability: means the date of availability of the Solution to the Publisher, manifested by the sending by WeTransact to the Publisher a confirmation email of the Publisher Account.

Offer(s): The Solution provided by WeTransact is available in different formats, called "Offers." The Publisher selects an Offer and at least a plan (described below).

Plan(s): The conditions for subscribing to the Solution include the type of subscription chosen, the modules selected, and the applicable price. Plans are available on azure.marketplace.com, appsource.microsoft.com, and possibly the Microsoft Teams Store and Azure Portal. Each plan is governed by the terms and conditions outlined in this document.

Private Offer: This is an offer that is created specifically for one Publisher. A Private Offer may have its own terms and conditions that replace the General Terms and Conditions of Sale and Use for the Publisher accepting the offer. The plans associated with the Private Offer will follow the terms and conditions specified in the Private Offer.

Documentation: This refers to the descriptions and instructions for using the Solution, which may be provided in print or on machine-readable media. It includes any documentation provided to the Publisher or posted on the WeTransact website regarding the Solution or any of its components, including any updates or modifications. This does not include commercial, promotional, or training documentation.

Publisher Data: This refers to the data generated by the Publisher and their Users when using the Solution, such as data submitted, stored, sent, or received through the Solution. This may include, but is not limited to, the Publisher's Publisher personal data. Publisher Personal Data means any information contained in the Publisher Data that relates to an identified or identifiable natural person.

Right of Use: means the right to use the Solution granted by WeTransact to the Publisher and to the Publisher's Users authorized by the Publisher, as described in article 4.1 of the Terms.

Confidential Information: This refers to any kind of information (commercial, industrial, technical, financial, etc.) that is disclosed by one party (the "Disclosing Party") to the other party (the "Recipient") in connection with these terms and conditions, whether in writing, orally, or during an audit. Confidential Information includes, but is not limited to, personal data, documentation, the Solution, all code for the Solution, all computer programs provided with the Solution, and all algorithms, methods, techniques, and processes disclosed or used in the performance of these terms. Confidential Information does not include information that (a) was independently developed by the Recipient without the use of Confidential Information from the Disclosing Party, (b) is already known to the Recipient, (c) was already in the public domain at the time of disclosure or has entered the public domain not as a result of any act or omission by the Recipient, or (d) was already known to the Recipient at the time of disclosure.

Updates: These are successive partial or complete versions of the Solution that may include corrections for anomalies and/or improvements to the functionality provided by WeTransact as part of the evolution of technology, legal and regulatory frameworks, and functionalities.

WeTransact: means WeTransact SASU, a simplified joint stock company registered in the Cherbourg Trade and Companies Register, whose registered office is located at 32 rue du Plat, 69002 LYON.
GDPR: refers to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

Parties: means WeTransact and its co-contractor under the Terms, namely the Publisher or the User, as the case may be. Subscription Period: means the duration of the right to use the Solution granted to the Publisher under these Terms.

Privacy Policy: means the privacy policy of WeTransact whose purpose is to inform the User about the processing of his Personal Data. The Privacy Policy is available at the URL: https://www.WeTransact.io/legals/privacy. Third Party Online Service: means application functionalities delivered online for which a third party is the author, editor and/or operator but for which WeTransact has rights of use and/or distribution in the framework of the Solution.

Support Services: means the services described in Appendix 7 of the Terms, consisting in answering Users' requests concerning the operation of the Solution, or in giving them the right to use the Online Support Platform.

Related Services: means the services related to the provision of the Solution by WeTransact to the Publisher, namely the support, maintenance, evolution and optimization services of the Solution.

Website: means the WeTransact website whose URL is https://www.WeTransact.io/ or any other website that may replace it.

Solution means the WeTransact SaaS platform developed and marketed by WeTransact and for which the Publisher and its Users have the Right of Use under these Conditions.

Users: means the users of the Solution who are natural persons authorized by the Publisher and acting under its responsibility, i.e. either employees, service providers, collaborators or corporate representatives of the Publisher acting within the framework of their employment contract, corporate mandate or commitment with the Publisher, and who accept the Conditions.

Article 2. Purpose of the Conditions, Acceptance

2.1. Purpose of the Conditions.

The purpose of the Terms is to determine and govern the terms and conditions under which (i) WeTransact provides a Right of Use of the Solution to Publisher and Users and (ii) Publisher and Users access and use the Solution.

2.2 Publisher's Acceptance of Terms.

The Publisher is required to accept the Terms and Conditions when creating a Publisher Account. By checking the box indicating that they have read, understood, and accept the Terms, the Publisher confirms that they have read and fully agree to all the terms and conditions without reservation. The person accepting the Terms on behalf of the Publisher must have the authority to do so and commit both themselves and the Publisher to the terms. After accepting the Terms, the Publisher will receive a copy of them via email in PDF format and will be able to access, save, or print them at any time.

The Publisher agrees to make sure that any User understands and fully agrees to the Terms and Conditions. The Publisher also confirms that they have performed all necessary due diligence before committing to the Solution and that they have received all necessary information to determine that the Solution meets their needs.

2.3. Acceptance of the Conditions by the User.

The Terms and Conditions are provided to the User when they first access their User Account, before they can use the Solution. The User can access the Terms and Conditions through the website at any time. By accessing or using any part of the Solution, the User confirms that they have read, understood, and fully agreed to the Terms and Conditions. Any person who does not accept the Terms and Conditions is not allowed to access or use the Solution

Article 3. Versions, Modifications of the Conditions

3.1. Version.

The version of the Terms and Conditions that applies to the Publisher and their Users is the one that is in effect on the day that the Publisher accepts them. The Publisher will receive a copy of these Terms via email after accepting them.

3.2 Modification.

WeTransact has the right to change the Terms and Conditions at any time. They will notify the Publisher and Users of any changes at least two months in advance of their effective date. This notification can be provided in writing, such as via email, or through the Solution or the Website.

3.3. Acceptance or rejection of changes by the Publisher.

If the Publisher does not agree with any changes made to the Terms and Conditions, they have the right to terminate the terms without penalty by giving one month's notice to WeTransact. This is the Publisher's only option in this situation. If WeTransact does not receive a request for termination within two months of notification of the changes, it will be assumed that the Publisher and their Users have accepted the changes. The amended Terms will replace the previous version and will be provided to the Publisher via email in PDF format at the address associated with their Publisher Account. If the changes to the Terms are required by law or regulations, they will automatically go into effect and WeTransact will notify the Publisher of the changes. In this case, the Publisher still has the right to terminate the Terms according to Section 9.2 of the Terms.

3.4. Acceptance or refusal of the modifications by the User.

If the User does not agree to any changes made to the Terms and Conditions, they should stop using the Solution immediately. If the User continues to access the Solution after a two-month period following notification of the changes, it will be assumed that they have accepted the changes and the modified version of the Terms and Conditions will replace the previous version.

Article 4. Access and Use

4.1. Right to Use the Solution.

If the Publisher agrees to the Terms and Conditions and pays the subscription fee as outlined in the plan, WeTransact grants the Publisher a limited, non-exclusive, non-transferable, and personal right to use the Solution and its updates by its Users according to the terms and the documentation. This right to use the Solution (called the "Right of Use") is granted to the Publisher and their Users from the date that the Solution becomes available and until the end of the subscription period, which is the duration of the copyright. This right is only valid for as long as the Terms and Conditions are in effect.

4.2. Access to the Solution.

The Software is accessible through the the URL communicated by WeTransact to the publisher during onboarding. The Publisher acknowledges that they have the necessary skills and resources to access and use the Solution, including an Internet connection from a provider of their choice (the cost of which is their responsibility). The Publisher also understands that the quality and reliability of transmissions depend on the network infrastructure and may be subject to disruptions or network saturation, which may prevent them from accessing the Solution. It is the Publisher's responsibility to ensure the security of their terminal equipment and Publisher data, software, and any other equipment, including protecting against viruses or attempted intrusions. The Publisher is also responsible for any damage to equipment connected to the website or the Solution, including damage resulting from their connection to the website or the Solution.

4.3. Publisher account.

To access and use the Solution, the Publisher must create a Publisher Account using the information provided. To do so, the Publisher must fill out the required form on the corresponding page. The information provided must be complete, accurate, and up to date, and the Publisher is responsible for ensuring this. If any of the information changes, the Publisher must update it to keep the account accurate. The Publisher is solely responsible for the use of the publisher account, except in cases of data breach caused by WeTransact. The Publisher agrees to keep their password confidential and to notify WeTransact immediately if it is compromised or disclosed. The email address linked to the publisher account must remain valid for the Publisher to use the Solution. After the publisher account is created, a confirmation message will be sent to the indicated email address. The Publisher must activate the link in the message to validate the account creation. Once the publisher account has been created, the Publisher's Users can create their own user accounts and access the Solution.

4.4 User Account.

To use the Solution, a User must create a user account by filling out the required form on the corresponding page, including their first and last name, their company, a valid email address, and a password. Each user account is specific to the provided email address and cannot be shared with other users. The requested data is collected for the purpose of creating a user account and providing the Solution. The information provided must be complete, accurate, and up to date, and both the Publisher and the User are responsible for this. If any of the information changes, the User must update it to keep the account accurate. The User is solely responsible for the use of their user account and must keep their password confidential and notify WeTransact immediately if it is compromised or disclosed. The provided email address must remain valid for the User to access the Solution. After the user account is created, a confirmation message will be sent to the provided email address. The Publisher must activate the link in the message to validate the account creation.

4.5. Restrictions on the Right of Use.

The Publisher is only authorized to use the Solution within the scope of the Right of Use and within the limits of the choices made upon entering the Terms, as specified in the applicable Offer and selected Plan. The Publisher and its Users must not:

• Pledge, encumber, share, rent, sell, disclose login credentials, or otherwise make the Solution available to any third party who is not a User.
• Create or allow anyone to create any computer program similar to the Solution.
• Use the Solution for any purpose other than business purposes.
• Reverse engineer, disassemble, decompile, or attempt to discover the source code of the Solution.
• Copy, reproduce, manufacture, imitate, create derivative works of, translate, localize, port, or otherwise modify the source code and/or database structure of the Solution, or engage any other person to perform similar activities.
• Sue, attack, compromise, bring suit, take, or fail to take any action that may infringe upon WeTransact's rights, title, or interest in the Solution.

‍4.6. Suspension of Right of Use.‍

‍WeTransact has the right to suspend the Publisher's or any User's right to use the Solution in the following circumstances:

• In the event of a breach of Publisher Data or a security breach, in order to protect the Publisher Data until the breach has been resolved
• If the Publisher or User breaches the Terms
• If WeTransact considers any actions or omissions by the Publisher or User to be inappropriate or disruptive to the Solution or to any other User or Publisher.

‍WeTransact will typically allow the Publisher seven calendar days from notification of the breach to resolve it before suspending the right to use the Solution, unless it is an emergency situation. This period may be extended with the written consent of WeTransact. In this case, the Parties will work together to resolve the issue within a reasonable time, and WeTransact will restore the Publisher's access to the Solution as soon as possible.

Article 5. Intellectual Property

5.1. Intellectual property of WeTransact‍

The Solution is a work of the mind within the meaning of the Code of the Intellectual Property. As such, WeTransact, in its capacity as holder of the copyright on the Solution, is invested with moral and patrimonial rights. WeTransact owns and retains all intellectual property rights and titles to the Solution, including all copyrights, patents, trade secret rights, trademarks and other intellectual property rights therein. The Publisher does not acquire any ownership or title of any kind in the Solution, except for the Right of Use. Because of the above, the Publisher shall refrain from any act or conduct that may directly or indirectly infringe the intellectual property rights on the Solution, as well as on the associated trademarks. Any use not expressly authorized by WeTransact hereunder is unlawful, in accordance with the provisions of Article L.122-6 of the Intellectual Property Code. The Publisher shall not remove, conceal or modify any copyright, trademark or other proprietary notices affixed or attached to the Solution.

‍5.2 Warranty of eviction: protection of the Publisher in the event of action by third parties‍

‍5.2.1. Obligation to defend.‍

‍WeTransact owns the copyright and all other intellectual property rights to the Solution. The Publisher only has the right to use the Solution and does not own any part of it. The Publisher must not do anything that could infringe the intellectual property rights of the Solution or its trademarks. Any unauthorized use of the Solution is illegal. The Publisher must not remove, conceal, or modify any copyright, trademark, or other proprietary notices on the Solution.This warranty shall only be acquired on the condition that Publisher:

1. Immediately notifies WeTransact in writing of such claim;
2. Gives WeTransact sole control over the defense and settlement of the claim, including the right to settle;
3. Provides WeTransact, at WeTransact's expense, with all assistance, information and authority reasonably necessary to defend and settle the claim.

WeTransact shall only be responsible for such expenses of proceedings or settlements as WeTransact expressly agrees to in writing.‍

‍5.2.2. Exceptions.‍

The obligations of WeTransact set forth in 5.2. 1 above shall not apply to damages, costs and expenses resulting from (1) any use of the Solution beyond the scope of the Right of Use granted by these Terms, (2) any modification or derivative work of the Solution made by or for Publisher, (3) the use of an obsolete infringing version of the Solution (or any component thereof) by Publisher after WeTransact has released a non-infringing version, or (4) any use or combination of the Solution with any technology, software or hardware not provided by WeTransact (including, without limitation, a third party online Service), where the alleged infringement could have been avoided by using the Solution without such technology, software or hardware.

‍5.2.3. Remedies.‍

In the event of a claim under 5.2.1 without the exceptions set forth in 5.2.2, or if WeTransact believes that a claim is likely, WeTransact may, in its discretion: (1) grant Publisher a Right of Use to continue to use the Solution; or (2) replace or modify the Solution to make it non-infringing, provided that the replacement Solution is substantially similar to the Solution. If WeTransact determines that these remedies cannot reasonably be implemented, WeTransact may elect to terminate these Terms, in which case Publisher shall be entitled to a pro rata refund of amounts already paid to WeTransact under the Right of Use for the current month. If WeTransact chooses one of the options in this section 5.2.3, the solution so chosen shall be the sole and exclusive remedy for Publisher's claim for infringement of intellectual property rights.

‍5.3 Ownership and use of Publisher Data‍

‍5.3.1. Ownership of Publisher Data.‍

Publisher is responsible for all the data they submit to the Solution, including any copyrighted, trademarked, or proprietary material. They must have permission to use this material and grant WeTransact a limited right to use it for the purposes of these Terms. If there are any claims or legal issues related to this data, the Publisher will be responsible for them and will have to pay for WeTransact's defense and any resulting costs.

‍5.3.2. Limited Rights to Use Publisher Data by the Solution.

‍Publisher agrees that WeTransact can access and process Publisher Data to provide the Solution and related Services to Publisher. To do this, Publisher grants WeTransact a non-exclusive, royalty-free license to: Use the Publisher Data to provide the Solution and related Services. This includes the right to access, extract, use, and reproduce the Publisher Data, as well as translate it into any language. Use the copyright on the Publisher Data to reproduce, duplicate, print, or record all or part of the Publisher Data on any medium. This includes the right to reproduce, store, display, execute, transmit, and save the Publisher Data in any format, as well as to edit, republish, and interface with it. This license applies both domestically and internationally, and for the full term of the legal protection of the relevant rights. It also includes the right to use the Publisher Data for error correction, monitoring, and maintenance.

Article 6. Recourse.

In the context of the Publisher's use of the WeTransact Solution, in case of complaints related to the security of the Solution, the Publisher may address a complaint to WeTransact at johan.aussenac@wetransact.io The time limit for processing complaints is ten working days from receipt of the complaint to acknowledge receipt (unless the response itself is provided within this period) and one month from receipt of the request for the response itself. WeTransact's reply will specify the possible means of recourse and in particular the existence and contact details of the competent mediator.

Article 7. Obligations of the Parties

7.1. Obligations of WeTransact‍

‍7.1.1. Availability.‍

‍WeTransact sizes its hosting infrastructure, hardware and systems to deliver the Solution in the best conditions of security and accessibility. WeTransact undertakes to make the Solution available to the Publisher under the conditions of availability defined in the Service Level Agreement annexed to these Terms (Appendix 3, SLA), which provides for an Availability of the Solution of 99.9%. If the availability of the Solution falls below 99.9%, WeTransact will make available to the Publisher SLA credits (defined in Appendix 3) to compensate the Publisher for the unavailability of the Solution. If the availability of the Solution falls below 90%, Publisher may terminate these Terms immediately and shall be entitled to a pro-rata refund of amounts already paid to WeTransact under the Right of Use for the current month.

‍7.1.2. Updates.‍

Updates to the Solution will be made available to Publisher at no additional charge. However, the availability of certain enhancements and new features of the Solution may require the payment of additional fees, and WeTransact will determine in its sole discretion whether access to any such enhancement will require additional fees. These Terms shall apply to all Updates, enhancements and new features of the Solution subsequently provided by WeTransact to Publisher. WeTransact shall have no obligation to make any such upgrades requested by Publisher.

‍7.1.3. Commitment to correct the Anomalies.‍

‍WeTransact does not guarantee that the Solution is free of all hazards, defects in design or use, but undertakes to attempt to remedy reproducible Defects with the diligence of an industry professional. The Solution is deemed to be made available to Publishers "as is" without any specific customization measures and cannot meet all specific Publisher needs. WeTransact does not warrant the ability of the Solution to achieve any goals or results that Publisher may have set for itself and/or to perform any tasks that may have motivated Publisher to enter into these Terms.

‍7.1.4. Security.

WeTransact agrees to:‍

• Implement necessary measures to ensure the security of data hosted and stored in its systems
• Implement technical and organizational measures to ensure the security of Personal Data processed by the Solution, as detailed in the Personal Data Processing Agreement (Appendix 3).
• Use and maintain the Solution in good working order to receive and promptly execute requests from Users and transmit the results of requested aggregations 24/7 (subject to unavailability specified in the Service Level Agreement).
• Report any security breaches or necessary updates to ensure the security of the storage system for Users' identifiers.
• Manage the exercise of the rights of individuals in accordance with the GDPR.

‍7.1.5. Hosting.‍

‍WeTransact will provide the hosting environment for the Solution and Publisher Data on servers located in the European Union through Microsoft Azure. The servers and data center will be in Dublin, Ireland. Publishers can request their related data to be hosted in another region/country. If WeTransact agrees with it – WeTransact will issue an amendment that will replace section 7.1.5 of this Term of Uses. WeTransact will also implement necessary security measures and technical and organizational measures to ensure the security of Personal Data processed by the Solution and will report any security breaches or updates needed to ensure the security of the storage system for Users' identifiers. WeTransact will also assist the Publisher in processing Users' requests concerning their data and manage the exercise of the rights of the individuals involved in accordance with the GDPR.

‍7.2. Publisher's Obligations‍‍

7.2.1. Publisher & User‍

Publisher and User agree to use the Solution in accordance with applicable law, the Documentation, and these Terms.

‍7.2.2. The Publisher and, where applicable, the User;‍

The Publisher agrees to use the Solution for their professional activity only and in accordance with its documentation. They are solely responsible for their Publisher Data and accept full responsibility for its nature, content, accuracy, integrity, and legality. The Publisher agrees not to attempt to gain unauthorized access to the Solution, and not to send or store non-professional or illegal data through the Solution. They will provide WeTransact with necessary technical data and information about their computer facilities, files, documentation, and other resources in a timely manner at their own expense. The Publisher will provide WeTransact with information needed to create a plan and User accounts, and ensure that only authorized Users have access to the Solution. They will also ensure that all Users accepting the terms and conditions and respect their obligations. The Publisher agrees to take necessary precautions to keep Confidential Information confidential.

Article 8. Duration - Termination - Reversibility

8.1.1. Termination of the Conditions for convenience.‍

The Terms may be terminated by the Publisher at any time by notice to WeTransact as provided below. Any started Plan is due. Thus, amounts already paid to WeTransact under the Right of Use for any month started will not be refunded.

‍8.1.2. Termination of the Terms in case of breach by a Party of any of its obligations.‍

Each Party may terminate the Terms by registered letter with acknowledgement of receipt, in the event of non-performance or non-compliance by the other Party of any of its obligations under the Terms, provided that the non-defaulting Party has notified the defaulting Party in writing of this breach and that the defaulting Party has not remedied the breach within fifteen (15) calendar days of this notification. In the event of termination of the Terms by WeTransact under 8.1.2, the Right of Use shall cease immediately, and Publisher shall not be entitled to any refund. In the event of termination of the Terms by Publisher under 8.1.2, Publisher shall have a Right of Use for the duration of the calendar month in which the termination occurs and shall be liable to WeTransact for the remainder of its obligations until that date.8.1.3. Effect of Termination of Terms.Termination of the Terms shall result in termination of Publisher's subscription. The date of termination of Publisher's subscription is the effective date of termination of the Terms. The rights and obligations of the Parties which, by their nature, survive the termination or completion of the Conditions shall remain in full force and effect after the termination of the Conditions.8.2. Reversibility and export of data.Within thirty (30) days of the effective date of termination of these Terms for any reason, (1) WeTransact will remove all synchronization between the Solution and the Third-Party softwares used by Publisher (if any), and (2) Publisher shall export its Data accessible via the Solution, or request from WeTransact the return of a copy of the last backup of its Data Except specific request of the Publisher, the Data of the Publisher will be, in the event of request of its share, restored to him in a standard format. In order to facilitate the transfer of the Publisher Data to the Publisher, the Publisher may request in writing the opening of a reversibility phase, which will begin fifteen (15) calendar days after receipt of the Publisher's request. The reversibility phase will have a maximum duration of one month, unless the Parties agree otherwise. WeTransact will provide commercially reasonable and good faith cooperation to Publisher to facilitate the export of its Data. Beyond this cooperation, reversibility will be at Publisher's expense regardless of the cause of termination of the Terms.

Article 9. Financial conditions

9.1. Price.‍

In consideration of the Right to Use the Solution and the Support Services, Publisher agrees to pay WeTransact the price as set forth in the applicable Plan(s).

‍9.2 Payment.‍

All sales are conducted through the Microsoft Marketplace storefronts by default. However, WeTransact may, at its discretion, agree with the Publisher on an alternative method of payment. In such cases, WeTransact will issue an invoice reflecting the mutually agreed-upon terms documented in a written format, such as email correspondence.

The Publisher is required to settle the payment on or before the due date specified in the invoice. Any delays in payment will incur a penalty fee. Upon first accessing the solution, the Publisher must explicitly agree to these Terms and Conditions

Any default of payment will lead to a suspension of the Publisher subscription. A suspension means the publisher will not be able to access the Solution until payment is processed on time. Unless WeTransact and Publisher had previously agreed on something else with writing proof.

Article 10. Responsibility of WeTransact - Insurance

10.1. Responsibility of WeTransact‍

‍10.1.1. Obligation of means.‍

Under these terms, WeTransact is committed to doing its best to provide high quality and reliable services, including security, scalability, and compliance with industry standards. WeTransact is also responsible for ensuring reliable access to internet-dependent services, including third-party servers, and their performance.

‍‍10.1.2. Limitation of liability.‍

‍WeTransact is only responsible for providing the Solution to integrate with Cloud Marketplace(s). The Publisher is responsible for their own decisions and actions based on the Solution. WeTransact will not be held responsible for any interruptions or damages resulting from:

• Force majeure events or decisions by authorities;
• Problems with the Publisher's equipment;
• Unauthorized or fraudulent use of the Solution by the Publisher or third parties;
• Use of the Solution by the Publisher or its users that is not allowed by these Terms or any misuse of the Solution by the Publisher;
• Intrusions or fraudulent actions by third parties that compromise the security of the system, even if WeTransact has implemented reasonable security measures;
• The nature and content of the information and data created and/or shared by the Publisher;
• Data, information, results, or analyses from third parties transmitted or received through the use of the Solution;
• Delays in the delivery of information and data that are not caused by WeTransact;
• Problems with the transport of information to or from the hosting center of WeTransact or the Publisher;
• Issues with internet or telephone networks not implemented by WeTransact;
• A change in a payment service provider's authentication system and its consequences;
• Acts, failures or omissions of telecommunication operators when the infrastructures or services of the latter are used to transmit the Publisher's data;
• An email notification sent to the Publisher or to a User that has been considered as spam by his email provider;

‍10.1.3. Nature of the damage.‍

‍WeTransact will only be held responsible for any direct, foreseeable damages caused by the Solution if it is proven that the WeTransact is at fault. WeTransact will not be held responsible for any indirect or unforeseeable damages suffered by the Publisher or any third party, including but not limited to any loss of profits, loss of business, loss of revenue or profits, loss of customers, or loss of opportunities. The Publisher agrees to take all necessary precautions to minimize any damages that may result from the use of the Solution. Any damages suffered by a third party are considered indirect damages and do not entitle the Publisher to compensation.

‍‍10.1.4. Amount of damages.

‍The amount of compensable damages that WeTransact may be required to pay to Publisher is limited, for all damages combined, to the price actually paid by Publisher for the Right to Use the Solution for the twelve (12) month period preceding the event(s) giving rise to such liability for said year. This section shall survive termination or rescission hereof for any reason whatsoever.

Article 11. Force majeure

In accordance with the provisions of article 1218 of the Civil Code, each of the Parties will be released from any responsibility if the non-execution of its obligations results from a case of force majeure, in the sense of the jurisprudence of the Court of Cassation. The Party invoking such circumstances shall notify the other Party of their existence as soon as possible, shall do its best to limit the consequences and shall resume performance of the Conditions immediately after these circumstances have disappeared. If such circumstances continue for more than one (1) month, the Parties agree to enter into discussions with a view to amending the terms of the Conditions to take account of them. If they fail to reach agreement, the Terms may be terminated without compensation by either Party by simple written notice to the other Party, which shall take effect upon receipt.

Article 12. Support Services

WeTransact provides Support Services to Users in accordance with Appendix 7, Support Terms and Conditions.

Article 13. Updates and Maintenance

‍13.1 Planned Maintenance.‍

‍WeTransact periodically schedules and performs maintenance work, including as part of Updates to the Solution, in order to make available new features of the Solution or to correct Defects. In most cases, maintenance will have little or no negative impact on the availability and functionality of the Solution.

‍13.2. Unscheduled Maintenance.‍

‍WeTransact may perform unscheduled maintenance at any time, including to correct certain Anomalies on an emergency basis. The Publisher acknowledges and accepts that legislative or technological developments may, at any time, render all or part of the Solution illegal or unsuitable. WeTransact will then have the right to update the Solution in order to bring it into conformity with the legal or regulatory provisions in force or, if necessary, with the technological situation.

‍‍13.3. Notification.‍

Where possible, WeTransact will notify Publisher of the date and time of scheduled maintenance with five business days notice. If WeTransact expects a maintenance event, scheduled or unscheduled, to adversely affect the availability or functionality of the Solution, WeTransact will use commercially reasonable efforts to notify Publisher in writing of such maintenance event. If a maintenance operation requires the interruption of the Solution, WeTransact will perform such interruption, to the extent possible, at a time that has the least possible impact on Publisher's use of the Solution.

Article 14. Confidentiality

14.1 Obligations of Recipient.

‍Recipient shall treat as confidential all Confidential Information provided to it by the Disclosing Party and shall use such Confidential Information only for the purpose of performing its contractual obligations under these Terms. Recipient shall not disclose the Confidential Information to any third party without the prior written consent of the Disclosing Party, except for those of its employees and contractors who: (i) have entered into a written agreement with Recipient imposing limitations on use and confidentiality at least as protective as those contained in these Terms, and (ii) require access to such Confidential Information solely for the purpose of fulfilling Recipient's obligations or exercising Recipient's rights hereunder. To protect Confidential Information, Recipient shall use measures identical to those it takes to protect its own highly confidential information, but in no event less than reasonable measures, to prevent unauthorized disclosure and use of Confidential Information.‍

14.2 Exceptions.‍

Confidential Information may be disclosed pursuant to an order of a court, public body or other governmental authority, in which case Recipient shall immediately notify the Disclosing Party and shall use reasonable efforts to limit the scope of such order or to prevent public disclosure of such information.

Article 15. Publisher's Personal Data

‍15.1. Data controller.‍

The Parties shall in all circumstances comply with the regulations applicable to them in terms of the protection of Personal Data, in particular to the RGPD. The Parties undertake, as data processors for the processing operations of Personal Data that they respectively carry out for their own needs within the framework of the present Conditions, to respect all their obligations arising from the RGPD and in particular to provide the persons concerned whose Personal Data are likely to be processed, with the relevant information relating to the protection of their personal data as described in the respective Privacy Policy of the parties. WeTransact's Privacy Policy is available at the following link: https://www.WeTransact.com/privacypolicy. The Publisher and the User declare that they have read it and accept all the terms.

‍15.2. Subcontractor.‍‍

The Personal Data Processing Agreement (Appendix 2) outlines the rules for how WeTransact (the processor) will handle Personal Data on behalf of the Publisher (the controller) and its Users when using the Solution. This includes any Personal Data collected when creating Publisher or User Accounts, as well as any Personal Data processed during the use of the Solution and related services. The Publisher is responsible for the processing of Personal Data and WeTransact must follow the Publisher's instructions as outlined in the Personal Data Processing Agreement.

‍15.3. Further Processing.‍

The Parties also agree that WeTransact may process the Personal Data collected in the course of the operation of the Solution as a data controller for the purposes of fraud and malware prevention and detection, security incident management, improvement of the Solution (e.g. improvement of the user experience or user journey, development of new features or improvement of existing features...), or creation of statistics (the "Further Processing"). The Publisher expressly acknowledges that this Further Processing is determined and compatible with the Initial Processing given (among other things) the link between these two processes (use and improvement of the Solution), the nature of the Personal Data involved (absence of Sensitive Data), the limited consequences of the Further Processing for the Data Subjects, and the existence of appropriate safeguards that we implement in the context of this processing. The Publisher therefore authorizes this Further Processing.

Article 16. Subcontracting

The Publisher expressly agrees that WeTransact may, without any prior authorization or information, subcontract all or part of its obligations hereunder. In case of subcontracting, WeTransact will remain solely responsible for the good respect of the obligations subscribed under the Terms and will be responsible towards the Publisher for any breach due to its subcontractor.

Article 17. Commercial reference

The Publisher authorizes WeTransact to freely quote its name and to use and/or reproduce its logo and/or trademarks on the WeTransact Website, in the commercial documents and e-mails as well as in all press announcements and this under any form and support, as well as on the documents used and/or carried out by WeTransact within the framework of the execution of its obligations under the Conditions.

Article 18. Transfer of the Conditions

WeTransact has the right to transfer its rights and obligations under these Terms to a third party through any legal means, whether or not there is payment involved. If WeTransact chooses to do this, it will no longer be responsible for fulfilling its obligations under the Terms after letting the Publisher know about the transfer. The Publisher is not allowed to transfer the Terms to anyone else without WeTransact's written permission.

Article 19. Imprecision

Aware of the risks and possible consequences linked to the execution of the Conditions, the Parties accept, assume, and consequently renounce to renegotiate the terms, whatever the circumstances which could occur. The Parties therefore expressly decide by mutual agreement that the application of Article 1195 of the Civil Code shall be waived.

Article 20. Applicable law, competent jurisdiction

20.1.‍The Conditions are governed by French law, without application of the rules of conflicts of law.

‍‍20.2.‍The Parties shall endeavor to resolve any disputes that may arise between them amicably.‍

‍20.3.‍Furthermore, in the event of a persistent complaint, the Publisher may write to the Mediator in accordance with article L. 316-1 of the Monetary and Financial Code at the following address Afepame Mediator, Association Afepame, 36 rue Taitbout, 75009 Paris.

‍‍20.4.‍In the absence of an amicable arrangement, any dispute relating to the Conditions, in particular its formation, validity, execution, interpretation, expiry or termination, will be submitted to the appreciation of the Commercial Court of Paris to which jurisdiction is expressly granted, notwithstanding third-party appeals or multiple defendants.‍

Appendix 1 : Personal Data Processing Agreement

This Personal Data Processing Agreement (PDPA) is a part of the main agreement (called the "Terms") between WeTransact and the Publisher. It covers how WeTransact will handle the Publisher's personal data as defined in the GDPR. Both parties agree that WeTransact is a processor or subprocessor of the Publisher's personal data and that the Publisher, as a user of WeTransact's solution, may also be a processor or subprocessor of the Publisher's personal data.Both parties will follow their GDPR obligations regarding the handling of this personal data. This PDPA will take effect on the start date and will end when WeTransact deletes all of the Publisher's personal data. If the GDPR applies to the processing of the Publisher's personal data and the Publisher is acting as a subprocessor on behalf of a third party processor, the Publisher must have the third party's permission and provide evidence of this permission if requested by WeTransact. The Publisher instructs WeTransact to handle the Publisher's personal data only in accordance with the GDPR, the Terms (including this PDPA), and any other lawful instructions from the Publisher.WeTransact will not process, transfer, modify, or disclose the Publisher's personal data to any third party except in accordance with the Publisher's instructions. During the term of the agreement, the Publisher can request to delete their personal data from the solution in a way that is consistent with the solution's functionality. If the Publisher or a user uses the solution to delete the Publisher's personal data and it cannot be retrieved, this will be considered an instruction from the Publisher for WeTransact to delete the data. WeTransact will follow this instruction as soon as possible and within 90 days, unless the law requires the data to be retained for longer.At the end of the agreement (called the "Term"), the Publisher has 30 days to export any data they want to keep from the solution. WeTransact will put in place appropriate technical and organizational measures to protect the Publisher's personal data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. These measures are described in appendix 2 and include measures to help ensure the confidentiality, integrity, availability and resilience of the solution and personal data, as well as regular testing of their effectiveness. WeTransact may update or modify these measures, but they must not decrease the overall security of the solution.The Publisher's personal data will be hosted by a third party and most technical and organizational security measures will be the responsibility of WeTransact. WeTransact will make sure its employees, contractors, agents and subcontractors follow the security measures as appropriate for their role and have received appropriate training and confidentiality obligations. WeTransact will help the Publisher ensure compliance with its obligations for the security of personal data and for data breaches, including in the event of a data incident, by implementing and maintaining security measures and complying with its obligations for data incidents. If WeTransact becomes aware of a data incident, it will tell the Publisher promptly and take reasonable steps to minimize harm and secure the Publisher's data. The Publisher is responsible for complying with notification obligations under the GDPR and any third party notification obligations related to a data incident.The Publisher is also responsible for their own use of the solution, including ensuring that they have the necessary technical and organizational measures in place to protect their data and that they have a process in place to regularly test, assess and evaluate the effectiveness of these measures. The Publisher must also make sure that they have the necessary consents and permissions to transfer personal data to WeTransact and that they comply with their own GDPR obligations. The Publisher must also tell WeTransact if they become aware of a data incident affecting their personal data. WeTransact is not responsible for the Publisher's failure to comply with their GDPR obligations or for any consequences of this failure.Publisher elects to conduct an audit as set forth above, Publisher shall notify WeTransact in writing at least thirty (30) days prior to conducting the audit and shall bear all costs and expenses associated therewith, such as auditor fees, transportation costs, attorney fees, etc. In any event, any audit imposed by the Publisher pursuant to this Section 14 shall not interfere with or otherwise disrupt the normal course of the Provider's business.Publisher agrees that WeTransact (taking into account the nature of the Processing and the information available to WeTransact) shall provide reasonable assistance to Publisher to ensure Publisher's compliance with all of its obligations with respect to data protection impact assessments and prior consultations, including, where applicable, Publisher's obligations under Articles 35 and 36 of the GDPR, to the extent WeTransact has the necessary information.WeTransact will allow Publisher, in a manner consistent with the functionality of the Solution, to access, rectify or delete or limit the processing of Publisher's Personal Data, as appropriate, including through the deletion option offered by WeTransact as set forth in Section 7 (Deletion during the Term), and to export Publisher's Personal Data, in accordance with the requirements of the GDPR. During the Term, if WeTransact receives a request from a Data Subject regarding Publisher Personal Data, WeTransact will advise the Data Subject to submit its request to Publisher or to submit such request directly to Publisher and it will be Publisher's responsibility to respond to such request. Publisher agrees that WeTransact will provide reasonable assistance to comply with any obligation to respond to requests from Data Subjects, including, where applicable, Publisher's obligation to respond to requests to exercise the Data Subject's rights under Chapter III of the GDPR, consistent with the commitments set forth in this Section 16, to the extent WeTransact is able to respond to such requests.During the term of the agreement, WeTransact agrees that the Publisher's personal data will only be hosted within the European Union. The Publisher gives permission for WeTransact to use affiliates as subcontractors and for other third parties listed in appendix 3 as subcontractors. WeTransact will make sure that these subcontractors only access and process the Publisher's personal data as needed to fulfill their subcontracting responsibilities and that they follow the terms of the agreement, including the provisions in this data processing agreement. WeTransact will also remain responsible for the subcontractors' actions and for any obligations that have been subcontracted to them. If a new subcontractor not listed in appendix 3 is used during the term, WeTransact will tell the Publisher about it (including the subcontractor's name, location, and activities) by email at least 30 days before the subcontractor starts processing any of the Publisher's data. The Publisher can object to the new subcontractor by ending the terms immediately in writing within 30 days of being notified. This is the Publisher's only remedy if they object to a new subcontractor. The GDPR requires WeTransact to collect certain information and keep records about the subcontractors it uses, including their names and contact details, and to make this information available to supervisory authorities. The liability cap in the terms covering the provision of the solution, of which this data processing agreement is a part, will apply to any breach of this agreement or any harm resulting from WeTransact's failure to follow the GDPR. Neither party can assign their rights or obligations without the other party's written permission, except in the case of a reorganization or change of control affecting one of the parties.

Appendix 2: Data Processing Information

Purpose Provision by WeTransact to the Publisher of the Solution and related Services.Categories of Data Subjects WeTransact will process personal data in connection with the provision of the solution and related services for the following categories of individuals: Users, including employees, agents, and service providers of WeTransact; staff of the Publisher's accountant; staff of WeTransact's own Publishers, suppliers/service providers, and subcontractor; and any other person whose data is processed through the solution.Categories of dataPersonal Data to be processed by WeTransact Personal Data to be processed by WeTransact includes data submitted, stored, sent or received by Publisher, its affiliates or Users through the Solution and may include the following categories of data: user identifiers, emails, textual information used in accounting or financial documents (e.g. in invoices), audit log information, system log information (audit log).Location of Processing OperationsLocations where Personal Data will be processed by WeTransact Personal Data will be processed in the geographic locations where the Provider's telecommuting employees are located and in the Provider's facilities and hosting company's data centers located at: 32 rue du plat 69002, Lyon, France Rua Josefa de Obidos 14, 1170-196, Lisbon, Portugal Dublin, ireland for Microsoft Data CentersPurposesPurposes for which Personal Data will be processed by WeTransact WeTransact will process the Publisher's Personal Data indicated above for the following purposes:

• Provision of the Solution to the Publisher's users
• Opening of the users' access to the Solution
• Provision of the Solution and related Services
• Hosting the Publisher's Personal Data

‍Duration of the ProcessingThe period during which WeTransact will carry out its Processing activities The term of the Terms plus the period from the date of expiry of this Term until WeTransact deletes all Publisher Personal Data in accordance with the Data Processing Agreement, including the application of an additional retention period (legal obligation to retain accounting records, 10 years)

Appendix 3 - Security Measures

As of the Date of Availability, WeTransact will implement and maintain the Security Measures described in this Appendix 3 to the Data Processing Agreement. WeTransact may periodically update or modify such Security Measures, provided that such updates and modifications do not result in the degradation of the overall security of Provider's Systems and the Services.Infrastructure securityServer security is provided by Microsoft Azure. Computer access to the server is protected both by all access control measures implemented Microsoft Azure, and by the authentication procedures detailed below.

• User Authentication Security
• Authentication of the Provider's employees to the internal information system

Each employee of the Service Provider has a unique login ID, which is their Microsoft 365 email address on the Service Provider's Exchange Online domain. This email address, associated with a password (see below), allows him/her to access Microsoft 365 and applications whose authentication is based on Azure Active Directory Single Sign On (AAD SSO).An access control system identifies each user and prevents unauthorized users from accessing or using the information resources, as shown below. All users' email addresses are verified at least twice a year and all inactive email addresses are revoked.Users are required to use a password to gain access to any electronic information at both the system and desktop levels. At the system level, to access the Provider's Microsoft 365 workspace and all applications that rely on AAD SSO for authentication, a password is required in combination with the Provider user's Google email address. This password must comply with the following rules:

• Password length: passwords must be a minimum of fifteen characters in length.
• Required Content: Passwords must contain a combination of upper and lower case alphabetical characters, numeric characters and special characters.

At the desktop level, all of the Provider's workstations and physical systems are hardened before use. This includes:

• The installation of a firewall at the level of the operating systems
• Automatic update of operating systems.
• Password protection of workstations.

‍Authentication of the Provider's employees and the Publisher's Users to the Solution ‍

‍The Provider's employees' access to the Solution is protected by AAD SSO mechanism on the Provider's Exchange Online Domaine, whereby Microsoft acts as a trusted third party regarding security alerts for potential login attempts to any of the Provider's employee accounts. On the Publisher's side, Users can access the platform through Azure Active Directory Single-Sign On if they have a Microsoft account. If preferred WeTransact can issue an identifier and passwords. When a User is inactive on the Solution for a certain period of time (two weeks), they are automatically logged out and must log back in using their username and password to access the Solution again. Passwords are stored encrypted with a 256-bit AES encryption algorithm. Encryption keys are deployed in accordance with good IT security practices to prevent fraud or malicious attacks.API Key Encryption Measurements and Encryption Key Management.The Solution's API keys are encrypted. The corresponding encryption keys are generated by the application code on Azure. In accordance with good cryptographic practice, WeTransact prohibits extensive reuse of encryption keys and rotates keys regularly to generate new cryptographic material. In addition, access to encryption keys is strictly limited to developers who need access to the application in production. Access is limited ("need to know basis") by implementing a mandatory justification request form that individuals are asked to complete to prove that access is legitimate and secure. Organizational Measures. WeTransact educates its employees about computer security through the use use of strong passwords, and the regular testing of employees for phishing risks. A security and privacy training is carried out with the Provider's employees on a regular basis in order to refine their knowledge of the fundamental principles of the applicable regulatory texts (in particular RGPD and DSP2). The use of the cryptographic system in the software is controlled by the whole team, the developers collaborating regularly in the respect of the good practices. WeTransact regularly makes its developers aware of the high sensitivity of the data they are required to process, but also of the correct procedures to follow in the event of an alert being transmitted, particularly in the event of loss or theft of the company's computer equipment.Security at Subcontractors.Prior to engaging Third-Party Contractors, WeTransact audits their security and privacy practices to ensure that they provide a level of security and privacy appropriate to their access to data and the scope of services they are asked to provide. Once WeTransact has assessed the risks presented by the Subcontractor, the Subcontractor is then, subject always to the requirements set forth in Section 18 of this TSA, required to commit to appropriate contractual terms and conditions for security, confidentiality and privacy.

Appendix 4 - Service Level Agreement (SLA)

‍1. Service Availability Level‍

‍WeTransact agrees to make the Solution available to Users for at least 99.9% of the time ("Solution Availability"). The Solution Availability will be calculated monthly by applying the following formula: Solution Availability = [(Actual Availability divided by Total Scheduled Availability) multiplied by 100%]. with the following definitions:"Actual Availability" means Total Scheduled Availability (in minutes) less Interruptions (in minutes)."interruption" refers to the time when the solution is unavailable, meaning that users cannot access it. Any partial or temporary malfunction of the solution that does not change its basic functions, as well as any unavailability due to the following events or factors ("Exclusions"), will not be considered an interruption: force majeure; the Publisher or any user using the solution in a way that goes against the terms or documentation; maintenance of the solution as defined in the terms; suspensions of access to the solution that are permitted by the terms; any unavailability caused by an event beyond WeTransact's control, such as the failure of a third party technology or the Publisher's or a third party's environment (e.g. Publisher's internet network) to function properly; any unavailability caused by the Publisher's data."Solution Maintenance" means the time (in minutes) that the Solution is not available to Publisher due to maintenance of the Solution, including maintenance and upgrade operations of the Solution and third party solutions used by WeTransact to provide the Solution. Maintenance of the Solution includes scheduled maintenance and unscheduled emergency maintenance. To the extent possible, WeTransact will provide Publisher with reasonable written notice of any scheduled or emergency maintenance."Total Scheduled Availability" means 7 days a week, 24 hours a day in minutes.2. SLA CreditsIf the availability of the Solution in a given month is less than 99.9%, WeTransact will grant Publisher an SLA credit as defined in the table below:Solution Availability SLA Credits< 99.9% ->= 99% 2% of the monthly price paid by the Publisher< 99% ->= 95% 5% of the monthly price paid by the Publisher< 95% 10% of the monthly price paid by the Publisher WeTransact will apply the SLA credits as a reduction to the Solution Price on the next invoice issued to Publisher. The SLA credits are Publisher's sole and exclusive remedy and WeTransact's sole and exclusive liability for breach of the SLA.

Appendix 5 - Support Terms and Conditions

These Support Terms and Conditions for technical support services (the "Support Terms") apply to support services offered by WeTransact in connection with the provision of the Solution under the WeTransact Terms of Sale and Use. Capitalized terms have the meaning given to them in the Terms.The User may submit support requests by e-mail to johan.aussenac@wetransact.io To make a request for support, the user must provide diagnostic information necessary to process the request, such as a description of the problem, the Publisher's configuration and network, and any relevant Publisher data. The user may be asked to communicate (through chat or video) with WeTransact's support team to answer questions and assist with the request as needed. If necessary, WeTransact's support team and/or any authorized person may access Publisher data and/or impersonate the user to access the user's environment, but this access will be limited in time and used solely for the purpose of processing the request.If WeTransact thinks a support request is actually a request for a new feature, it may redirect the request internally or ask the user to log the request with the product team for consideration to be added in a future update to the solution. WeTransact will provide support services while the terms are in effect and will not be required to provide support services after the terms expire or are terminated.

Privacy Policy

Hosting

WeTransact relies on industry leading service providers for server, hosting and infrastructure management. The WeTransact application and website are hosted by an external cloud provider (Microsoft Azure) with a certified high availability infrastructure and a documented disaster recovery plan.

The servers used by this provider are located within the European Union. The use of Microsoft Azure allows us to deploy new versions of our application, and to ensure that you always have access to the most secure and efficient version of WeTransact. Your data processed by the WeTransact application is stored by Microsoft Azure on servers also hosted within the European Union.

These hosting services offer industry-leading scalability, data availability, security and performance, with a documented business continuity plan.

These hosting providers are certified to leading international standards, including ISO/IEC 27001, and are audited annually by an independent body.Their data centers have 24/7 physical security and some of the most advanced safeguards in the world. This means our data centers are secured by the best infrastructure professionals in the business. Using Microsoft Azure gives us access to levels of security and quality of service that our application can reliably rely on. In addition, all key production systems are backed up and maintain redundancy.This backup service is provided by Azure and is physically located on Azure servers within the European Union in a different availability zone than the primary server in case of physical damage to the data center.

Encryption

On Microsoft Azure, all of your data is encrypted, which helps prevent unauthorized access to your data (including the host itself). This way, even someone who would have physical access to the servers could not read the data. All data flows are encrypted from end to end, whether they are between the application and you, the Microsoft Azure servers, or our teams.

Authentication

If you have a Microsoft account, Azure Active Directory Single Sign-On (SSO) is used to access the application to comply with your organisation authentification governance. If preferred, WeTransact can issue an identifier and password to access the application. An access control system identifies each user and prevents unauthorized users from accessing or using the information resources.

Passwords are stored encrypted with a 256-bit AES encryption algorithm. Encryption keys are deployed in accordance with good IT security practices to prevent fraud or malicious attacks.

Protection of personal data

We only process personal data of our users for the purpose of providing and improving the WeTransact.io application and the provision of application maintenance and support. In accordance with the GDPR, these processing operations, their legal basis, duration, and purpose are detailed in the Data Processing Agreement attached to our general terms and conditions and in our Privacy Policy.

The Data Processing Agreement concerns all processing of Personal Data for which the Customer determines the purpose and means of such processing and for which we are a subcontractor. The Privacy Policy covers all processing of Personal Data for which we are the data controller. Our subcontractor Microsoft Azure is also subject to the requirements of the GDPR due to the fact that the data subjects whose data we process are European and that Microsoft Azure acts as subcontractor of WeTransact.io, a French company subject to the GDPR.

Our users' personal data is not used for commercial purposes and is not part of our business model. Our users keep control of their data and can at any time exercise their rights to access, modify or delete their personal data by writing to Johan Aussenac, founder of WeTransact

Security of the application

The security of the application is regularly tested. Any vulnerabilities found are corrected as part of our iterative process of constantly improving the security of the application.